Vulnerabilities > Intel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-12 | CVE-2018-3616 | Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network. | 5.9 |
| 2018-09-12 | CVE-2018-12163 | Uncontrolled Search Path Element vulnerability in Intel IOT Developers KIT 4.0 A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access. | 4.8 |
| 2018-09-12 | CVE-2018-12160 | Incorrect Default Permissions vulnerability in Intel Data Migration Software 3.1 DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access. | 5.3 |
| 2018-09-12 | CVE-2018-12151 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Extreme Tuning Utility Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially cause a buffer overflow potentially leading to a denial of service via local access. | 5.5 |
| 2018-09-12 | CVE-2018-12150 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Extreme Tuning Utility Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local access. | 6.7 |
| 2018-09-12 | CVE-2018-12149 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Extreme Tuning Utility Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access. | 5.5 |
| 2018-08-21 | CVE-2018-10932 | Improper Output Neutralization for Logs vulnerability in Intel Lldptool lldptool version 1.0.1 and older can print a raw, unsanitized attacker controlled buffer when mngAddr information is displayed. | 4.3 |
| 2018-08-14 | CVE-2018-3646 | Unspecified vulnerability in Intel products Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. | 5.6 |
| 2018-08-14 | CVE-2018-3620 | Information Exposure Through Discrepancy vulnerability in Intel products Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. | 5.6 |
| 2018-08-14 | CVE-2018-3615 | Information Exposure Through Discrepancy vulnerability in Intel products Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis. | 6.4 |