Vulnerabilities > Intel > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-10 | CVE-2018-3684 | Unquoted Search Path or Element vulnerability in Intel Quartus II 11.0/15.0 Unquoted service paths in Intel Quartus II in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code. | 7.8 |
| 2018-07-10 | CVE-2018-3683 | Unquoted Search Path or Element vulnerability in Intel Quartus Prime Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code. | 7.8 |
| 2018-07-10 | CVE-2018-3682 | Improper Privilege Management vulnerability in Intel BMC Firmware BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS. | 8.2 |
| 2018-07-10 | CVE-2018-3668 | Unquoted Search Path or Element vulnerability in Intel Processor Diagnostic Tool 4.1.0.24 Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code. | 7.8 |
| 2018-07-10 | CVE-2018-3667 | Insecure Default Initialization of Resource vulnerability in Intel Processor Diagnostic Tool 4.1.0.24 Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed files incorrectly, allowing for execution of arbitrary code and potential privilege escalation. | 7.8 |
| 2018-07-10 | CVE-2018-3652 | Information Exposure vulnerability in Intel products Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces. | 7.6 |
| 2018-07-10 | CVE-2018-3628 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Active Management Technology Firmware Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet. | 8.8 |
| 2018-07-10 | CVE-2018-3627 | Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access. | 8.2 |
| 2018-05-10 | CVE-2018-3649 | Uncontrolled Search Path Element vulnerability in Intel products DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of privilege via remote code execution. | 7.8 |
| 2018-05-10 | CVE-2018-3612 | Improper Input Validation vulnerability in Intel products Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM). | 7.8 |