Vulnerabilities > Intel > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-10 | CVE-2018-3629 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Active Management Technology Firmware Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet. | 3.3 |
2018-06-05 | CVE-2018-3691 | Unspecified vulnerability in Intel Integrated Performance Primitives Cryptography Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U3.1 do not properly ensure constant execution time. local intel | 1.9 |
2018-05-22 | CVE-2018-3639 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | 2.1 |
2018-05-15 | CVE-2018-3661 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Selview and Syscfg Buffer overflow in Intel system Configuration utilities selview.exe and syscfg.exe before version 14 build 11 allows a local user to crash these services potentially resulting in a denial of service. | 2.1 |
2018-04-03 | CVE-2017-5703 | Improper Privilege Management vulnerability in Intel products Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service. | 3.6 |
2018-04-03 | CVE-2018-3689 | Unspecified vulnerability in Intel Software Guard Extensions AESM daemon in Intel Software Guard Extensions Platform Software Component for Linux before 2.1.102 can effectively be disabled by a local attacker creating a denial of services like remote attestation provided by the AESM. | 2.1 |
2018-03-20 | CVE-2018-3626 | Information Exposure vulnerability in Intel SGX SDK Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information. | 1.9 |
2018-01-18 | CVE-2017-5699 | Improper Input Validation vulnerability in Intel Minnowboard 3 Firmware Input validation error in Intel MinnowBoard 3 Firmware versions prior to 0.65 allow local attacker to cause denial of service via UEFI APIs. | 2.1 |
2018-01-09 | CVE-2018-3610 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Driver & Support Assistant SEMA driver in Intel Driver and Support Assistant before version 3.1.1 allows a local attacker the ability to read and writing to Memory Status registers potentially allowing information disclosure or a denial of service condition. | 3.6 |
2018-01-04 | CVE-2017-5715 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | 1.9 |