30112 matches found
CVE-2025-31655
Incorrect default permissions for some IntelR Battery Life Diagnostic Tool within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...
CVE-2025-30508
Improper authorization in the IntelR Quick Assist Technology for some IntelR Platforms within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially...
CVE-2025-31648
Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...
CVE-2025-27243
Out-of-bounds write in the firmware for some IntelR Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result m...
CVE-2025-27535
Exposed ioctl with insufficient access control in the firmware for some IntelR Ethernet Connection E825-C. before version NVM ver. 3.84 within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a high complexity attack may enable...
CVE-2025-27708
Out-of-bounds read in the firmware for some IntelR Converged Security and Management Engine CSME Firmware FW within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...
CVE-2025-27560
Loop with unreachable exit condition 'infinite loop' for some IntelR Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local acces...
CVE-2025-25058
Improper initialization for some ESXi kernel mode driver for the IntelR Ethernet 800-Series before version 2.2.2.0 esxi 8.0 & 2.2.3.0 esxi 9.0 within Ring 1: Device Drivers may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a low complexi...
CVE-2025-22849
Incorrect default permissions for the IntelR OptaneTM PMem management software before versions CRMGMT01.00.00.3584, CRMGMT02.00.00.4052, CRMGMT03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined...
CVE-2025-24851
Uncaught exception in the firmware for some 100GbE IntelR Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This...
CVE-2025-20070
Improper conditions check for the IntelR OptaneTM PMem management software before versions CRMGMT02.00.00.4052, CRMGMT03.00.00.0538 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity...
CVE-2025-20080
Null pointer dereference in the firmware for some IntelR AMT and IntelR Standard Manageability within Ring 0: Kernel may allow a denial of service. Network adversary with an unauthenticated user combined with a high complexity attack may enable denial of service. This result may potentially occur...
CVE-2025-31648
Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...
UBUNTU-CVE-2025-31648
Improper handling of values in the microcode flow for some IntelR Processor Family may allow an escalation of privilege. Startup code and smm adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...
CVE-2025-36522
Incorrect default permissions for some IntelR Chipset Software before version 10.1.20266.8668 or later. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of...
CVE-2025-36522
Incorrect default permissions for some IntelR Chipset Software before version 10.1.20266.8668 or later. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of...
CVE-2025-36522
Summary of CVE-2025-36522: The affected component is Intel Chipset Software. The vulnerability arises from incorrect default permissions in Ring 3 user applications, potentially enabling privilege escalation. It requires a local attacker with an authenticated user and high attack complexity, with...
CVE-2025-36511
Incorrect default permissions for some IntelR Memory and Storage Tool before version 2.5.2 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This...
CVE-2025-36511
Intel Memory and Storage Tool (prior to 2.5.2) is affected by an incorrect default-permissions flaw that may allow local privilege escalation by an authenticated user with high attack complexity and requiring user interaction. Impact is high on confidentiality, integrity, and availability. No exp...
CVE-2025-35999
Incorrect permission assignment for critical resource for some System Firmware Update Utility SysFwUpdt for IntelR Server Boards and IntelR Server Systems Based before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with a privileg...