| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The input fields of the Apache Pluto "Chat Room" demo portlet 3.0.0 and 3.0.1 are vulnerable to Cross-Site Scripting (XSS) attacks. Mitigation: * Uninstall the ChatRoomDemo war file - or - * migrate to version 3.1.0 of the chat-room-demo war file |
| Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 families; Intel(R) Xeon(R) E-2100 and E-2200 Processor families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access. |
| Insufficient access control in protected memory subsystem for Intel(R) TXT for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 Families; Intel(R) Xeon(R) E-2100 and E-2200 Processor Families with Intel(R) Processor Graphics and Intel(R) TXT may allow a privileged user to potentially enable information disclosure via local access. |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. |
| Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access. |
| Logic condition in specific microprocessors may allow an authenticated user to potentially enable partial physical address information disclosure via local access. |
| Authentication bypass in the web console for Intel(R) Raid Web Console 2 all versions may allow an unauthenticated attacker to potentially enable disclosure of information via network access. |
| A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access. |
| Improper directory permissions in the installer for Intel(R) Quartus(R) software may allow an authenticated user to potentially enable escalation of privilege via local access. |
| Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. |
| Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access. |
| Insufficient input validation in the subsystem for Intel(R) CSME before versions 11.8.70, 12.0.45 and 13.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable information disclosure via local access. |
| Insufficient input validation in the subsystem for Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. |
| Insufficient Input validation in the subsystem for Intel(R) CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow a privileged user to potentially enable denial of service via local access. |
