Vulnerabilities > Intel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-10 | CVE-2023-28411 | Double Free vulnerability in Intel products Double free in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access. | 5.5 |
| 2023-04-12 | CVE-2023-28488 | Out-of-bounds Write vulnerability in Intel Connman client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process. | 6.5 |
| 2023-02-16 | CVE-2021-33104 | Unspecified vulnerability in Intel ONE Boot Flash Update Improper access control in the Intel(R) OFU software before version 14.1.28 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
| 2023-02-16 | CVE-2022-27234 | Server-Side Request Forgery (SSRF) vulnerability in Intel Computer Vision Annotation Tool Server-side request forgery in the CVAT software maintained by Intel(R) before version 2.0.1 may allow an authenticated user to potentially enable information disclosure via network access. | 6.5 |
| 2023-02-16 | CVE-2022-29493 | Improper Handling of Exceptional Conditions vulnerability in Intel Baseboard Management Controller Firmware Uncaught exception in webserver for the Integrated BMC in some Intel(R) platforms before versions 2.86, 2.09 and 2.78 may allow a privileged user to potentially enable denial of service via network access. | 4.9 |
| 2023-02-16 | CVE-2022-29494 | Improper Input Validation vulnerability in Intel Openbmc Egs0.91179 Improper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access. | 6.5 |
| 2023-02-16 | CVE-2022-31476 | Unspecified vulnerability in Intel System Usage Report Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
| 2023-02-16 | CVE-2022-33196 | Incorrect Default Permissions vulnerability in Intel products Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
| 2023-02-16 | CVE-2022-33972 | Incorrect Calculation vulnerability in Intel products Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |
| 2023-02-16 | CVE-2022-35883 | NULL Pointer Dereference vulnerability in Intel Media Software Development KIT NULL pointer dereference in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |