Vulnerabilities > Intel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-11 | CVE-2021-33164 | Unspecified vulnerability in Intel products Improper access control in BIOS firmware for some Intel(R) NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
| 2022-11-11 | CVE-2022-21198 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Intel products Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 6.4 |
| 2022-11-11 | CVE-2022-21794 | Improper Authentication vulnerability in Intel products Improper authentication in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Business, Intel(R) NUC Enthusiast, Intel(R) NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
| 2022-11-11 | CVE-2022-25917 | Improper Handling of Exceptional Conditions vulnerability in Intel products Uncaught exception in the firmware for some Intel(R) Server Board M50CYP Family before version R01.01.0005 may allow a privileged user to potentially enable a denial of service via local access. | 4.4 |
| 2022-11-11 | CVE-2022-26006 | Improper Input Validation vulnerability in Intel products Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | 6.7 |
| 2022-11-11 | CVE-2022-26047 | Improper Input Validation vulnerability in Intel products Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access. | 6.5 |
| 2022-11-11 | CVE-2022-27499 | Operation on a Resource after Expiration or Release vulnerability in Intel SGX SDK Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access. | 4.4 |
| 2022-11-11 | CVE-2022-28667 | Out-of-bounds Write vulnerability in Intel products Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi software before version 22.140 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | 6.5 |
| 2022-11-11 | CVE-2022-29466 | Improper Input Validation vulnerability in Intel Server Platform Services Firmware Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
| 2022-11-11 | CVE-2022-29515 | Memory Leak vulnerability in Intel Server Platform Services Firmware Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access. | 5.5 |