Export limit exceeded: 343740 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (147 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-11135 | 9 Canonical, Debian, Fedoraproject and 6 more | 312 Ubuntu Linux, Debian Linux, Fedora and 309 more | 2024-11-21 | 6.5 Medium |
| TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. | ||||
| CVE-2019-0185 | 1 Intel | 284 Core I5-7200u, Core I5-7200u Firmware, Core I5-7260u and 281 more | 2024-11-21 | 5.5 Medium |
| Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 families; Intel(R) Xeon(R) E-2100 and E-2200 Processor families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2019-0184 | 1 Intel | 256 Core I5-6360u, Core I5-6360u Firmware, Core I5-6440eq and 253 more | 2024-11-21 | 5.5 Medium |
| Insufficient access control in protected memory subsystem for Intel(R) TXT for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 Families; Intel(R) Xeon(R) E-2100 and E-2200 Processor Families with Intel(R) Processor Graphics and Intel(R) TXT may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2019-0155 | 3 Canonical, Intel, Redhat | 716 Ubuntu Linux, Atom X5-e3930, Atom X5-e3930 Firmware and 713 more | 2024-11-21 | 7.8 High |
| Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-0151 | 1 Intel | 888 Core I5-5300u, Core I5-5300u Firmware, Core I5-5350u and 885 more | 2024-11-21 | 6.7 Medium |
| Insufficient memory protection in Intel(R) TXT for certain Intel(R) Core Processors and Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2019-0117 | 2 Intel, Redhat | 331 Core I5-7200u, Core I5-7200u Firmware, Core I5-7260u and 328 more | 2024-11-21 | 4.4 Medium |
| Insufficient access control in protected memory subsystem for Intel(R) SGX for 6th, 7th, 8th, 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5, v6 Families; Intel(R) Xeon(R) E-2100 & E-2200 Processor Families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2018-9056 | 2 Arm, Intel | 209 Cortex-a, Atom C, Atom E and 206 more | 2024-11-21 | N/A |
| Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope. | ||||
| CVE-2018-3693 | 7 Arm, Fujitsu, Intel and 4 more | 230 Cortex-a, Cortex-r, M12-1 and 227 more | 2024-11-21 | 5.6 Medium |
| Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. | ||||
| CVE-2018-3665 | 6 Canonical, Citrix, Debian and 3 more | 17 Ubuntu Linux, Xenserver, Debian Linux and 14 more | 2024-11-21 | 5.6 Medium |
| System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. | ||||
| CVE-2018-3646 | 2 Intel, Redhat | 16 Core I3, Core I5, Core I7 and 13 more | 2024-11-21 | N/A |
| Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis. | ||||
| CVE-2018-3640 | 2 Arm, Intel | 199 Cortex-a, Atom C, Atom E and 196 more | 2024-11-21 | N/A |
| Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a. | ||||
| CVE-2018-3639 | 12 Arm, Canonical, Debian and 9 more | 330 Cortex-a, Ubuntu Linux, Debian Linux and 327 more | 2024-11-21 | 5.5 Medium |
| Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | ||||
| CVE-2018-3632 | 1 Intel | 15 Active Management Technology Firmware, Core 2 Duo, Core 2 Extreme and 12 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be triggered by an attacker with local administrator permission on the system. | ||||
| CVE-2018-3629 | 1 Intel | 15 Active Management Technology Firmware, Core 2 Duo, Core 2 Extreme and 12 more | 2024-11-21 | 6.5 Medium |
| Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet. | ||||
| CVE-2018-3628 | 1 Intel | 17 Active Management Technology Firmware, Core 2 Duo, Core 2 Extreme and 14 more | 2024-11-21 | 8.8 High |
| Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet. | ||||
| CVE-2018-3627 | 2 Intel, Netapp | 26 Converged Security Management Engine Firmware, Core I3, Core I5 and 23 more | 2024-11-21 | 8.2 High |
| Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access. | ||||
| CVE-2018-3620 | 2 Intel, Redhat | 16 Core I3, Core I5, Core I7 and 13 more | 2024-11-21 | N/A |
| Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. | ||||
| CVE-2018-3619 | 1 Intel | 17 Core I3, Core I5, Core I7 and 14 more | 2024-11-21 | N/A |
| Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access. | ||||
| CVE-2018-3615 | 1 Intel | 30 Core I3, Core I5, Core I7 and 27 more | 2024-11-21 | N/A |
| Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis. | ||||
| CVE-2018-12207 | 8 Canonical, Debian, F5 and 5 more | 1541 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 1538 more | 2024-11-21 | 6.5 Medium |
| Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. | ||||