CVE-2024-21944

Improper input validation for DIMM serial presence detect SPD metadata could allow an attacker with physical access, ring0 access on a system with a non-compliant DIMM, or control over the Root of Trust for BIOS update, to potentially overwrite guest memory resulting in loss of guest data integri...

EUVD-2025-209789

Use after free for some Linux kernel driver for the IntelR Ethernet 800 series before version 2.3.14 within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

EUVD-2025-209793

Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-35991

Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-35991

The CVE-2025-35991 entry describes an improper initialization in the UEFI firmware for some Intel platforms (Ring 0: Bare Metal OS) that may allow information disclosure. The issue requires a local attacker with privileged access and high attack complexity, with no user interaction, and could imp...

PT-2026-40075

Use after free for some Linux kernel driver for the IntelR Ethernet 800 series before version 2.3.14 within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

PT-2026-40079

Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2026-40317

NovumOS (a custom 32-bit OS written in Zig/x86 Assembly) prior to version 0.24 is affected by a local privilege-escalation in the Syscall 12 JumpToUser interface. The vulnerability arises because JumpToUser accepts an arbitrary entry-point address from user-space without validation, enabling any ...

Intel (R): From CVEorg collector

Missing protection mechanism for alternate hardware interface in the Intel® Quick Assist Technology for some Intel® Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of...

K000160096: Intel QuickAssist Technology vulnerability CVE-2025-35998

Security Advisory Description Missing protection mechanism for alternate hardware interface in the IntelR Quick Assist Technology for some IntelR Platforms within Ring 0: Kernel may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity...

Linux Distros Unpatched Vulnerability : CVE-2025-35998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing protection mechanism for alternate hardware interface in the IntelR Quick Assist Technology for some IntelR Platforms within Ring 0: Kernel may allow an...

CVE-2025-32007

Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attac...

CVE-2025-32467

Use of uninitialized variable for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access wh...

CVE-2025-27708

Out-of-bounds read in the firmware for some IntelR Converged Security and Management Engine CSME Firmware FW within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

CVE-2025-27560

Loop with unreachable exit condition 'infinite loop' for some IntelR Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local acces...

CVE-2025-31944

Race condition for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow a denial of service. Authorized adversary with a privileged user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack...

CVE-2025-20080

Null pointer dereference in the firmware for some IntelR AMT and IntelR Standard Manageability within Ring 0: Kernel may allow a denial of service. Network adversary with an unauthenticated user combined with a high complexity attack may enable denial of service. This result may potentially occur...

CVE-2025-30513

Race condition for some TDX Module within Ring 0: Hypervisor may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements...

CVE-2025-30508

Improper authorization in the IntelR Quick Assist Technology for some IntelR Platforms within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially...

CVE-2025-27572

Exposure of sensitive information during transient execution for some TDX within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access...