Filtered by vendor Intel
Subscriptions
Total
1672 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-8674 | 1 Intel | 2 Active Management Technology Firmware, Service Manager | 2024-11-21 | 5.3 Medium |
| Out-of-bounds read in DHCPv6 subsystem in Intel(R) AMT and Intel(R)ISM versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64 and 14.0.33 may allow an unauthenticated user to potentially enable information disclosure via network access. | ||||
| CVE-2020-8672 | 1 Intel | 49 Bios, Celeron 4205u, Celeron 4305u and 46 more | 2024-11-21 | 7.8 High |
| Out of bound read in BIOS firmware for 8th, 9th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 Series Processors may allow an unauthenticated user to potentially enable elevation of privilege or denial of service via local access. | ||||
| CVE-2020-8671 | 1 Intel | 49 Bios, Celeron 4205u, Celeron 4305u and 46 more | 2024-11-21 | 5.5 Medium |
| Insufficient control flow management in BIOS firmware 8th, 9th Generation Intel(R) Core(TM) Processors and Intel(R) Celeron(R) Processor 4000 Series may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2020-8670 | 3 Intel, Netapp, Siemens | 567 Bios, Core I3-l13g4, Core I5-l16g7 and 564 more | 2024-11-21 | 6.4 Medium |
| Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-8669 | 1 Intel | 1 Data Center Manager | 2024-11-21 | 6.5 Medium |
| Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access. | ||||
| CVE-2020-5955 | 2 Insyde, Intel | 21 Insydeh2o Uefi Bios, Cannon Lake, Coffee Lake and 18 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel client chipsets. A caller may be able to escalate privileges. | ||||
| CVE-2020-26558 | 6 Bluetooth, Debian, Fedoraproject and 3 more | 35 Bluetooth Core Specification, Debian Linux, Fedora and 32 more | 2024-11-21 | 4.2 Medium |
| Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time. | ||||
| CVE-2020-26555 | 4 Bluetooth, Fedoraproject, Intel and 1 more | 33 Bluetooth Core Specification, Fedora, Ac 3165 and 30 more | 2024-11-21 | 5.4 Medium |
| Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN. | ||||
| CVE-2020-26140 | 6 Alfa, Arista, Cisco and 3 more | 389 Awus036h, Awus036h Firmware, C-100 and 386 more | 2024-11-21 | 6.5 Medium |
| An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration. | ||||
| CVE-2020-26139 | 6 Arista, Cisco, Debian and 3 more | 331 C-100, C-100 Firmware, C-110 and 328 more | 2024-11-21 | 5.3 Medium |
| An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients. | ||||
| CVE-2020-24588 | 9 Arista, Cisco, Debian and 6 more | 351 C-100, C-100 Firmware, C-110 and 348 more | 2024-11-21 | 3.5 Low |
| The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. | ||||
| CVE-2020-24587 | 7 Arista, Cisco, Debian and 4 more | 333 C-100, C-100 Firmware, C-110 and 330 more | 2024-11-21 | 2.6 Low |
| The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed. | ||||
| CVE-2020-24586 | 6 Arista, Debian, Ieee and 3 more | 45 C-200, C-200 Firmware, C-230 and 42 more | 2024-11-21 | 3.5 Low |
| The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data. | ||||
| CVE-2020-24525 | 1 Intel | 46 Nuc 8 Mainstream-g Kit Nuc8i5inh, Nuc 8 Mainstream-g Kit Nuc8i5inh Firmware, Nuc 8 Mainstream-g Kit Nuc8i7inh and 43 more | 2024-11-21 | 7.8 High |
| Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-24516 | 1 Intel | 179 B460, Celeron 6305, Celeron 6305e and 176 more | 2024-11-21 | 6.8 Medium |
| Modification of assumed-immutable data in subsystem in Intel(R) CSME versions before 13.0.47, 13.30.17, 14.1.53, 14.5.32, 15.0.22 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | ||||
| CVE-2020-24515 | 1 Intel | 4 Realsense Id F450, Realsense Id F450 Firmware, Realsense Id F455 and 1 more | 2024-11-21 | 6.8 Medium |
| Protection mechanism failure in some Intel(R) RealSense(TM) IDs may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | ||||
| CVE-2020-24514 | 1 Intel | 4 Realsense Id F450, Realsense Id F450 Firmware, Realsense Id F455 and 1 more | 2024-11-21 | 6.8 Medium |
| Improper authentication in some Intel(R) RealSense(TM) IDs may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | ||||
| CVE-2020-24513 | 4 Debian, Intel, Redhat and 1 more | 77 Debian Linux, Atom C3308, Atom C3336 and 74 more | 2024-11-21 | 6.5 Medium |
| Domain-bypass transient execution vulnerability in some Intel Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2020-24512 | 4 Debian, Intel, Netapp and 1 more | 11 Debian Linux, Microcode, Fas\/aff Bios and 8 more | 2024-11-21 | 3.3 Low |
| Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2020-24511 | 4 Debian, Intel, Netapp and 1 more | 11 Debian Linux, Microcode, Fas\/aff Bios and 8 more | 2024-11-21 | 6.5 Medium |
| Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||||