Vulnerabilities > Intel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-01 | CVE-2018-3650 | Improper Input Validation vulnerability in Intel Distribution for Python 2018 Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector. | 4.6 |
| 2018-07-10 | CVE-2018-3693 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. | 4.7 |
| 2018-07-10 | CVE-2018-3688 | Unquoted Search Path or Element vulnerability in Intel Quartus Prime Programmer and Tools Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code. | 4.6 |
| 2018-07-10 | CVE-2018-3687 | Unquoted Search Path or Element vulnerability in Intel Quartus II Programmer and Tools Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code. | 4.6 |
| 2018-07-10 | CVE-2018-3684 | Unquoted Search Path or Element vulnerability in Intel Quartus II Unquoted service paths in Intel Quartus II in versions 11.0 - 15.0 allow a local attacker to potentially execute arbitrary code. | 4.6 |
| 2018-07-10 | CVE-2018-3683 | Unquoted Search Path or Element vulnerability in Intel Quartus Prime Unquoted service paths in Intel Quartus Prime in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code. | 4.6 |
| 2018-07-10 | CVE-2018-3682 | Improper Privilege Management vulnerability in Intel BMC Firmware BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS. | 4.6 |
| 2018-07-10 | CVE-2018-3668 | Unquoted Search Path or Element vulnerability in Intel Processor Diagnostic Tool 4.1.0.24 Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code. | 4.6 |
| 2018-07-10 | CVE-2018-3667 | Insecure Default Initialization of Resource vulnerability in Intel Processor Diagnostic Tool 4.1.0.24 Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed files incorrectly, allowing for execution of arbitrary code and potential privilege escalation. | 4.6 |
| 2018-07-10 | CVE-2018-3652 | Information Exposure vulnerability in Intel products Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces. | 4.6 |