Description
Insecure inherited permissions in the Intel(R) oneAPI Toolkits oneapi-cli before version 0.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 7.5 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html
____________________
Description
Improper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Base Score: 8.2 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00717.html
___________________
Description
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Base Score: 7.5 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00717.html
________________
Description
Improper neutralization in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 7.3 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00714.html
____________________
Description
Use after free in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Base Score: 7.5 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00717.html
______________________
Description
Protection mechanism failure in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 7.8 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00725.html
__________________
Description
Insufficient visual distinction of homoglyphs presented to user in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.1 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Base Score: 8.3 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html
_______________________
Description
Improper initialization in the Intel(R) TXT SINIT ACM for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Base Score: 7.2 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00717.html
______________________
Description
Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Base Score: 7.5 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00717.html
________________________
Description
Description: Race condition in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 7.5 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00725.html
__________________________
Description
Path traversal in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 7.3 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00714.html
_____________________
Description
Insufficient control flow management in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 7.3 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00714.html
_________________________
Description
Active debug code in some Intel (R) SPS firmware before version SPS_E5_04.04.04.300.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 8.8 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00718.html
_________________________
Description
Insufficient control flow management in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 8.2 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00726.html
________________________-
Description
Improper initialization in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 8.2 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00726.html
___________________________
Description
Improper initialization in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 8.2 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00726.html
______________________________-
Description
Improper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 8.4 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00746.html
________________________
Description
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 7.1 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
________________________
Description
Improper access control in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Base Score: 7.7 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
____________________________
Description
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Base Score: 7.4 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00729.html
_________________________________
Description
Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Processors when using Intel(R) Software Guard Extensions which may allow a privileged user to potentially enable escalation of privilege via local access.
Base Score: 7.2 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html
_____________________________
Description
Out of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access.
Base Score: 7.5 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00737.html
_______________________________
Description
Incorrect default permissions in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 7.3 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00751.html
_______________________________
Description
Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Base Score: 7.8 HIGH
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00765.html
CVE-2022-3724 Description Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows Base Score: 7.5 HIGH https://www.wireshark.org/security/wnpa-sec-2022-08.html ____________________________ CVE-2022-46829 Description In JetBrains JetBrains Gateway before 2022.3 a client could connect without a valid token if the host consented. Base Score: 8.8 HIGH […]
CVE-2022-47986 Description IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was […]
CVE-2022-20929 Description A vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, local attacker to provide an unauthentic upgrade file for upload. This vulnerability is due to insufficient cryptographic signature verification of upgrade files. An attacker could exploit this vulnerability by providing an administrator with an unauthentic […]
Leave a Reply