150 matches found
CVE-2025-27560
Loop with unreachable exit condition 'infinite loop' for some IntelR Platform within Ring 0: Kernel may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This result may potentially occur via local acces...
CVE-2025-24851
Uncaught exception in the firmware for some 100GbE IntelR Ethernet Controller E810 before version cvl fw 1.7.8.x within Ring 0: Bare Metal OS may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable denial of service. This...
CVE-2025-30513
CVE-2025-30513 describes a race condition in a TDX Module operating in Ring 0 that may enable local privilege escalation. The vulnerability could impact confidentiality and integrity (high) with no availability impact, via a local attack requiring high privileges and no user interaction, and with...
CVE-2025-27708
Out-of-bounds read in the firmware for some IntelR Converged Security and Management Engine CSME Firmware FW within Ring 0: Kernel may allow an information disclosure. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...
CVE-2025-27243
Summary of CVE-2025-27243 : An out-of-bounds write in the firmware for some Intel(R) Ethernet Controller E810, prior to firmware cvl fw 1.7.8.x, can cause a denial of service. The impact is limited to availability with no confidentiality or integrity effects, but the attack is local and requires ...
CVE-2025-24851
CVE-2025-24851 affects Intel Ethernet Controller E810 100GbE firmware (cvl fw 1.7.8.x and earlier) running Ring 0 Bare Metal OS. The issue is an uncaught exception that may allow a local, privileged attacker with low complexity and no user interaction to cause denial of service, impacting availab...
PT-2026-7298
Name of the Vulnerable Software and Affected Versions versions prior to 2025-30513 Description A race condition exists within a TDX Module operating in Ring 0, potentially allowing an escalation of privilege. A system software adversary with privileged user access and a low complexity attack may...
PT-2026-7313
Name of the Vulnerable Software and Affected Versions Intel Quick Assist Technology affected versions not specified Description A missing protection mechanism for an alternate hardware interface within Ring 0 may allow an escalation of privilege. A system software adversary with privileged user...
PT-2026-7288
Name of the Vulnerable Software and Affected Versions Intel Ethernet Controller E810 firmware versions prior to cvl fw 1.7.8.x Description An uncaught exception in the firmware of certain 100GbE Intel Ethernet Controller E810 devices running Ring 0: Bare Metal OS may lead to a denial of service. ...
PT-2026-7295
Name of the Vulnerable Software and Affected Versions IntelR Converged Security and Management Engine CSME Firmware FW affected versions not specified Description An out-of-bounds read issue exists in the firmware within Ring 0: Kernel, potentially allowing information disclosure. A system softwa...
CVE-2022-35202
A security issue in Sitevision version 10.3.1 and older allows a remote attacker, in certain non-default scenarios, to gain access to the private keys used for signing SAML Authn requests. The underlying issue is a Java keystore that may become accessible and downloadable via WebDAV. This keystor...
CVE-2025-27249
Uncontrolled resource consumption for some Gaudi software before version 1.21.0 within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occu...
CVE-2025-32446
Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This...
CVE-2025-32732
Buffer overflow for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via...
CVE-2025-24519
Buffer overflow for some IntelR QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This result may potentially...
CVE-2025-24863
Improper privilege management for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data exposure. This result...
CVE-2025-24847
Improper input validation for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...
CVE-2025-30255
Out-of-bounds write for some IntelR PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable denial of service. This...
CVE-2025-24838
Improper privilege management for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege...
CVE-2025-26405
Improper control of dynamically-managed code resources for some IntelR NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...