Vulnerabilities > Intel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-22 | CVE-2018-3640 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a. | 5.6 |
| 2018-05-22 | CVE-2018-3639 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | 5.5 |
| 2018-05-15 | CVE-2018-3661 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Selview and Syscfg Buffer overflow in Intel system Configuration utilities selview.exe and syscfg.exe before version 14 build 11 allows a local user to crash these services potentially resulting in a denial of service. | 5.5 |
| 2018-05-15 | CVE-2018-3634 | Improper Input Validation vulnerability in Intel Online Connect Access 1.9.22.0 Parameter corruption in NDIS filter driver in Intel Online Connect Access 1.9.22.0 allows an attacker to cause a denial of service via local access. | 5.5 |
| 2018-05-15 | CVE-2018-3611 | Improper Input Validation vulnerability in Intel Graphics Driver Bounds check vulnerability in User Mode Driver in Intel Graphics Driver 15.40.x.4 and 21.20.x.x allows unprivileged user to cause a denial of service via local access. | 6.5 |
| 2018-04-03 | CVE-2017-5703 | Improper Privilege Management vulnerability in Intel products Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service. | 6.0 |
| 2018-04-03 | CVE-2018-3689 | Unspecified vulnerability in Intel Software Guard Extensions AESM daemon in Intel Software Guard Extensions Platform Software Component for Linux before 2.1.102 can effectively be disabled by a local attacker creating a denial of services like remote attestation provided by the AESM. | 5.5 |
| 2018-03-27 | CVE-2018-9056 | Information Exposure vulnerability in multiple products Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope. | 5.6 |
| 2018-03-26 | CVE-2014-2312 | Link Following vulnerability in Intel Thermald The main function in android_main.cpp in thermald allows local users to write to arbitrary files via a symlink attack on /tmp/thermald.pid. | 5.5 |
| 2018-03-20 | CVE-2018-3626 | Information Exposure vulnerability in Intel SGX SDK Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information. | 4.7 |