CVE-2025-35990

Improper input validation for some Intel Endpoint Management Assistant EMA software before version 1.14.5 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable escalation...

Intel Slim Bootloader 输入验证错误漏洞

Intel Slim Bootloader is a lightweight security bootloader designed by Intel Corporation for the Intel platform. There is an input validation vulnerability in Intel Slim Bootloader, which stems from an integer overflow issue in the UEFI firmware. This vulnerability may lead to privilege escalatio...

CVE-2025-27560

Loop with unreachable exit condition 'infinite loop' for some IntelR Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local acces...

CVE-2025-27560

Loop with unreachable exit condition 'infinite loop' for some IntelR Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local acces...

CVE-2025-24851

Uncaught exception in the firmware for some 100GbE IntelR Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This...

CVE-2025-27708

Out-of-bounds read in the firmware for some IntelR Converged Security and Management Engine CSME Firmware FW within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

CVE-2025-27243

Summary of CVE-2025-27243 : An out-of-bounds write in the firmware for some Intel(R) Ethernet Controller E810, prior to firmware cvl fw 1.7.8.x, can cause a denial of service. The impact is limited to availability with no confidentiality or integrity effects, but the attack is local and requires ...

PT-2026-7288

Name of the Vulnerable Software and Affected Versions Intel Ethernet Controller E810 firmware versions prior to cvl fw 1.7.8.x Description An uncaught exception in the firmware of certain 100GbE Intel Ethernet Controller E810 devices running Ring 0: Bare Metal OS may lead to a denial of service. ...

CVE-2025-32732

Buffer overflow for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via...

CVE-2025-24519

Buffer overflow for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This result may potentially...

CVE-2025-24847

Improper input validation for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

CVE-2025-24838

Improper privilege management for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege...

CVE-2025-26405

Improper control of dynamically-managed code resources for some IntelR NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

EUVD-2025-93473

Out-of-bounds read for some IntelR PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable denial of service. This...

EUVD-2025-93481

Improper conditions check for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially...

EUVD-2025-93514

Improper input validation for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

EUVD-2025-93507

Protection mechanism failure for some IntelR NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local acces...

CVE-2025-35967

Out-of-bounds read for some IntelR PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable denial of service. This...

CVE-2025-32732

Buffer overflow for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via...

DEBIAN-CVE-2025-26405

Improper control of dynamically-managed code resources for some IntelR NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...