Oneapi Hpc Toolkit Security Vulnerabilities and Issues — Oneapi Hpc Toolkit CVE List

IntelOneapi Hpc Toolkit

15 matches found

CVE•added 2024/02/14 1:38 p.m.•77 views

CVE-2023-29162

The CVE-2023-29162 entry concerns Intel’s Intel® oneAPI Toolkits, specifically the Intel C++ Compiler Classic prior to 2021.8 bundled with toolkits before 2022.3.1. The issue is an improper buffer restriction that may allow a privileged local user to escalate privileges. Affected scope includes I...

6CVSS6.3AI score0.0017EPSS

CVE•added 2023/05/10 1:17 p.m.•65 views

CVE-2023-22355

The CVE-2023-22355 issue is an Uncontrolled search path in Intel(R) oneAPI Toolkit and component software installers prior to version 4.3.0.251, potentially enabling privilege escalation for an authenticated user via local access. The Intel advisory and related records confirm the affected softwa...

7.8CVSS7.7AI score0.00209EPSS

CVE•added 2023/11/14 7:5 p.m.•65 views

CVE-2023-24592

The CVE-2023-24592 issue affects Intel® oneAPI Toolkits and Component software prior to version 2023.1. The root cause is a path traversal vulnerability in these components, which could allow an authenticated user to escalate privileges via local access. Affected products include Intel® oneAPI Ba...

7.8CVSS7.7AI score0.00251EPSS

CVE•added 2024/02/14 1:38 p.m.•64 views

CVE-2023-35121

The CVE-2023-35121 issue concerns improper access control in Intel’s oneAPI DPC++/C++ Compiler prior to 2022.2.1 for some toolkits prior to 2022.3.1, enabling potential privilege escalation via local access when authenticated. Affected software is Intel® oneAPI DPC++/C++ Compiler and related tool...

7.8CVSS7.7AI score0.00161EPSS

CVE•added 2024/08/14 1:45 p.m.•62 views

CVE-2024-28876

CVE-2024-28876 affects Intel® MPI Library prior to version 2021.12 and can enable privilege escalation via an uncontrolled search path when run with local access by an authenticated user. The Intel advisory (INTEL-SA-01115) documents the vulnerability and recommends updating to Intel® MPI Library...

7.3CVSS7.2AI score0.00144EPSS

CVE•added 2023/08/11 2:37 a.m.•61 views

CVE-2023-27391

CVE-2023-27391 : Improper access control in Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to escalate privileges via local access. This is based on multiple sources (NVD, osv.dev, Red Hat, etc.) referencing the same description. No ...

6.7CVSS7.9AI score0.00168EPSS

CVE•added 2023/08/11 2:37 a.m.•61 views

CVE-2023-28823

CVE-2023-28823 : Uncontrolled search path exists in some Intel(R) oneAPI Toolkit installers and components before version 4.3.1.493. An authenticated user with local access may potentially escalate privileges. This vulnerability is evidenced by multiple connected sources (NVD/NCSC/OSV) referencin...

7.3CVSS8.3AI score0.00154EPSS

CVE•added 2024/08/14 1:45 p.m.•56 views

CVE-2024-28172

Intel® Trace Analyzer and Collector software prior to version 2022.1 is affected by an uncontrolled search path vulnerability that may allow an authenticated user to escalate privileges via local access. Intel’s advisory (Intel® SA-01117) states affected products include Intel® Trace Analyzer and...

7.3CVSS7.3AI score0.00144EPSS

CVE•added 2023/11/14 7:5 p.m.•49 views

CVE-2023-27383

CVE-2023-27383 affects Intel® oneAPI HPC Toolkit and Intel® MPI Library. The issue is a protection mechanism failure that may allow a privileged user to escalate privileges via adjacent access. Affected components/versions include the HPC Toolkit before 2023.1 and the MPI Library before 2021.9. T...

6.8CVSS6.7AI score0.00383EPSS

CVE•added 2023/05/12 2:1 p.m.•46 views

CVE-2023-29242

The CVE-2023-29242 entry concerns Intel's oneAPI Toolkit prior to 2021.1 Beta 10, where improper access control may enable privilege escalation via local access for an authenticated user. Public sources (Intel advisory INTEL-SA-00551, Red Hat, NVD) confirm the affected product family and the root...

7.8CVSS7.8AI score0.00137EPSS

CVE•added 2023/05/10 1:16 p.m.•45 views

CVE-2023-23580

Intel® Trace Analyzer and Collector software is affected by a stack-based buffer overflow in the component prior to version 2021.8.0. The vulnerability could allow an authenticated, locally located user to escalate privileges. Affected product: Intel Trace Analyzer and Collector (pre-2021.8.0). R...

7.8CVSS8AI score0.00194EPSS

CVE•added 2023/05/10 1:16 p.m.•44 views

CVE-2022-42878

CVE-2022-42878 affects Intel® Trace Analyzer and Collector software prior to 2021.8.0 (and related Intel HPC Toolkit components). Root cause is a null pointer dereference that could allow an authenticated local user to disclose information. Exploitation details are not provided in the supplied do...

5.5CVSS5.2AI score0.00185EPSS

CVE•added 2023/05/10 1:16 p.m.•41 views

CVE-2023-23569

CVE-2023-23569 concerns a stack-based buffer overflow in Intel(R) Trace Analyzer and Collector software prior to version 2021.8.0. An authenticated, local attacker could potentially escalate privileges. The issue affects Intel Trace Analyzer and Collector (and is noted by Intel advisory INTEL-SA-...

7.8CVSS8AI score0.00201EPSS

CVE•added 2023/05/10 1:16 p.m.•41 views

CVE-2023-23909

CVE-2023-23909 describes an out-of-bounds read in Intel® Trace Analyzer and Collector software prior to version 2021.8.0, which may allow an authenticated attacker with local access to disclose information. The issue affects Intel Trace Analyzer and Collector (and related components) and is mitig...

5.5CVSS5.1AI score0.00185EPSS

CVE•added 2023/05/10 1:16 p.m.•41 views

CVE-2023-23910

CVE-2023-23910 affects Intel Trace Analyzer and Collector software prior to 2021.8.0. The issue is an out-of-bounds write that may allow an authenticated local user to escalate privileges. The NVD metric shows CVSSv3.1 base score 7.8 (HIGH) with LOCAL attacker, HIGH confidentiality/integrity/avai...

7.8CVSS7.8AI score0.00186EPSS