E3 Security Vulnerabilities
Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local...
4.4CVSS
4.3AI Score
0.0004EPSS
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
6.5CVSS
6.9AI Score
0.001EPSS
Nice (formerly Nortek) Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e devices are vulnerable to Stored Cross-Site Scripting...
5.4CVSS
5.3AI Score
0.001EPSS
Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a SQL injection vulnerability via the idt...
9.8CVSS
9.8AI Score
0.002EPSS
Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 (and on many other Lenovo and non-Lenovo products), mishandles DLL...
7.8CVSS
7.6AI Score
0.001EPSS
Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and...
6.1CVSS
6AI Score
0.001EPSS
Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting (XSS) vulnerability which is chained with a local session fixation. This vulnerability allows attackers to escalate privileges via unspecified...
6.1CVSS
6.2AI Score
0.001EPSS
Cross-site scripting vulnerability in Mitsubishi Electric consumer electronics products (Air Conditioning, Wi-Fi Interface, Refrigerator, HEMS adapter, Remote control with Wi-Fi Interface, BATHROOM THERMO VENTILATOR, Rice cooker, Mitsubishi Electric HEMS control adapter, Energy Recovery...
6.1CVSS
6.3AI Score
0.002EPSS
Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic Authentication for HTTP connections in Mitsubishi Electric consumer electronics products (PHOTOVOLTAIC COLOR MONITOR ECO-GUIDE, HEMS adapter, Wi-Fi Interface, Air Conditioning, Induction hob, Mitsubishi Electric.....
9.8CVSS
9.3AI Score
0.005EPSS
Nortek Linear eMerge E3-Series 0.32-07p devices are vulnerable to /card_scan.php?CardFormatNo= XSS with session fixation (via PHPSESSID) when they are chained together. This would allow an attacker to take over an admin account or a user...
6.1CVSS
6AI Score
0.001EPSS
Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for...
9.8CVSS
9.6AI Score
0.974EPSS
Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that allow an attacker to open a building's doors. (This occurs in situations where the CVE-2019-7271 default credentials have been...
8.2CVSS
8.1AI Score
0.003EPSS
Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local...
5.5CVSS
5.8AI Score
0.0004EPSS
Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local...
6.7CVSS
6.3AI Score
0.0004EPSS
Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local...
7.8CVSS
7.4AI Score
0.0004EPSS
Use of out-of-range pointer offset in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local...
7.8CVSS
7.4AI Score
0.0004EPSS
Return of pointer value outside of expected range in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local...
7.8CVSS
7.3AI Score
0.0004EPSS
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local...
7.8CVSS
7.3AI Score
0.0004EPSS
Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local...
5.5CVSS
5AI Score
0.0004EPSS
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
6.7CVSS
6.6AI Score
0.0004EPSS
Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
6.7CVSS
6.5AI Score
0.0004EPSS
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local...
6.7CVSS
6.7AI Score
0.0004EPSS
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local...
6.7CVSS
6.5AI Score
0.0004EPSS
Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
6.7CVSS
7AI Score
0.0004EPSS
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local...
4.4CVSS
5.5AI Score
0.0004EPSS
Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
6.4CVSS
6.8AI Score
0.0004EPSS
Insufficient control flow management in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable escalation of privilege via physical...
6.8CVSS
7.2AI Score
0.001EPSS
Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
6.7CVSS
7AI Score
0.0004EPSS
Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local...
5.5CVSS
6AI Score
0.0004EPSS
Out of bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local...
4.4CVSS
5.5AI Score
0.0004EPSS
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
5.5CVSS
5.5AI Score
0.0004EPSS
Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local...
5.5CVSS
5.5AI Score
0.0005EPSS
Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
5.5CVSS
5.8AI Score
0.0004EPSS
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
5.5CVSS
6.3AI Score
0.001EPSS
Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334:...
5.6CVSS
5.3AI Score
0.0004EPSS
Improper data forwarding in some data cache for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. The list of affected products is provided in intel-sa-00330:...
5.6CVSS
5AI Score
0.0004EPSS
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
5.5CVSS
5.4AI Score
0.0005EPSS
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
5.5CVSS
5.6AI Score
0.0005EPSS
Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local...
5.5CVSS
6.1AI Score
0.001EPSS
Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local...
5.3CVSS
5.4AI Score
0.0005EPSS
Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local...
6.7CVSS
6.3AI Score
0.0004EPSS
Insufficient memory protection in Intel(R) TXT for certain Intel(R) Core Processors and Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
6.7CVSS
6.7AI Score
0.0004EPSS
Insufficient access control in protected memory subsystem for Intel(R) TXT for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 Families; Intel(R) Xeon(R) E-2100 and E-2200 Processor Families with Intel(R) Processor Graphics and...
5.5CVSS
5.1AI Score
0.0004EPSS
Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families with Intel(R) Processor Graphics may allow a...
4.4CVSS
5.1AI Score
0.0004EPSS
Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local...
6.5CVSS
7AI Score
0.0005EPSS
Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privileged user to potentially enable escalation of privilege via local...
7.8CVSS
7.6AI Score
0.0004EPSS
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A....
7.8CVSS
8.2AI Score
0.0004EPSS
Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A...
5.5CVSS
6.7AI Score
0.0004EPSS