CVE-2025-35990

CVE-2025-35990 affects Intel Endpoint Management Assistant (EMA) software prior to version 1.14.5. The vulnerability arises from improper input validation in Ring 3 user-space components, enabling an unauthenticated, low-complexity attacker with adjacent access to cause an escalation of privilege...

PT-2026-40096

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...

Intel QAT software drivers for Windows 安全漏洞

Intel QAT software drivers for Windows are a set of encryption and compression hardware acceleration drivers for the Windows platform developed by Intel Corporation. Versions prior to Intel QAT software drivers for Windows 1.13 contain security vulnerabilities. These vulnerabilities stem from...

Intel Memory and Storage Tool < 2.5.2 Escalation of Privilege (INTEL-SA-01414)

The version of Intel Memory and Storage Tool installed on the remote host is prior to 2.5.2. It is, therefore, affected by a vulnerability as referenced in the INTEL-SA-01414 advisory. - Incorrect default permissions for some IntelR Memory and Storage Tool before version 2.5.2 within Ring 3 User...

CVE-2025-30506

Uncontrolled search path for some Intel Driver and Support Assistant before version 25.2 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable local code execution. This...

CVE-2025-31940

Incorrect default permissions for some IntelR Thread Director Visualizer software before version 1.1.1 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of...

EUVD-2025-93526

Improper access control for some SigTest before version 6.1.10 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially...

CVE-2025-27712

Improper neutralization for some IntelR Neural Compressor software before version v3.4 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This...

CVE-2025-32038

CVE-2025-32038 concerns an uncontrolled search path in the FPGA Support Package for the Intel oneAPI DPC++/C++ Compiler software prior to version 2025.0.1. Multiple sources (including Red Hat, Intel advisory INTEL-SA-01364) describe that, when Ring 3: User Applications executes, an unprivileged a...

CVE-2025-26405

Improper control of dynamically-managed code resources for some IntelR NPU Drivers within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

PT-2025-46424

Name of the Vulnerable Software and Affected Versions Intel oneAPI Math Kernel Library versions prior to 2025.2 Description The software contains an improper input validation issue within Ring 3: User Applications that may allow for a denial of service. An unprivileged software adversary with an...

Microsoft Windows 7 (x86) - (BlueKeep) RDP Remote Windows Kernel Use After Free Exploit

EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47683.zip import rdp import socket import binascii import time def poolsprays, crypter, payload: times = 10000 count = 0 while count times: count += 1 print'time through %d' % count try:...

Multiple CPUs - Information Leak Using Speculative Execution

Multiple CPUs - Information Leak Using Speculative Execution == INTRODUCTION == This is a bug report about a CPU security issue that affects processors by Intel, AMD and to some extent ARM. I have written a PoC for this issue that, when executed in userspace on an Intel Xeon CPU E5-1650 v3 machin...

Microsoft Windows - &#039;nt!NtQueryInformationWorkerFactory (WorkerFactoryBasicInformation)&#039; Kernel Stack Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1214&desc=2 We have discovered that the nt!NtQueryInformationWorkerFactory system call called with the WorkerFactoryBasicInformation 7 information class discloses portions of uninitialized kernel stack memory to user-mode clients...

Microsoft Windows - &#039;win32k!NtGdiGetOutlineTextMetricsInternalW&#039; Kernel Stack Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1179 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 7-10 through the win32k!NtGdiGetOutlineTextMetricsInternalW system call. The system call...