Export limit exceeded: 45829 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349524 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-3634 | 1 Intel | 1 Online Connect Access | 2024-11-21 | 5.5 Medium |
| Parameter corruption in NDIS filter driver in Intel Online Connect Access 1.9.22.0 allows an attacker to cause a denial of service via local access. | ||||
| CVE-2018-3632 | 1 Intel | 15 Active Management Technology Firmware, Core 2 Duo, Core 2 Extreme and 12 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be triggered by an attacker with local administrator permission on the system. | ||||
| CVE-2018-3629 | 1 Intel | 15 Active Management Technology Firmware, Core 2 Duo, Core 2 Extreme and 12 more | 2024-11-21 | 6.5 Medium |
| Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet. | ||||
| CVE-2018-3628 | 1 Intel | 17 Active Management Technology Firmware, Core 2 Duo, Core 2 Extreme and 14 more | 2024-11-21 | 8.8 High |
| Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet. | ||||
| CVE-2018-3627 | 2 Intel, Netapp | 26 Converged Security Management Engine Firmware, Core I3, Core I5 and 23 more | 2024-11-21 | 8.2 High |
| Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access. | ||||
| CVE-2018-3626 | 3 Intel, Linux, Microsoft | 3 Sgx Sdk, Linux Kernel, Windows | 2024-11-21 | N/A |
| Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information. | ||||
| CVE-2018-3624 | 1 Intel | 8 2g Modem Firmware, Sofia 3g, Sofia 3g-r and 5 more | 2024-11-21 | N/A |
| Buffer overflow in ETWS processing module Intel XMM71xx, XMM72xx, XMM73xx, XMM74xx and Sofia 3G/R allows remote attacker to potentially execute arbitrary code via an adjacent network. | ||||
| CVE-2018-3621 | 1 Intel | 1 Driver\&support Assistant | 2024-11-21 | N/A |
| Insufficient input validation in the Intel Driver & Support Assistant before 3.6.0.4 may allow an unauthenticated user to potentially enable information disclosure via adjacent access. | ||||
| CVE-2018-3620 | 2 Intel, Redhat | 16 Core I3, Core I5, Core I7 and 13 more | 2024-11-21 | N/A |
| Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. | ||||
| CVE-2018-3619 | 1 Intel | 17 Core I3, Core I5, Core I7 and 14 more | 2024-11-21 | N/A |
| Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access. | ||||
| CVE-2018-3616 | 2 Intel, Siemens | 25 Active Management Technology Firmware, Converged Security Management Engine Firmware, Manageability Engine Firmware and 22 more | 2024-11-21 | 5.9 Medium |
| Bleichenbacher-style side channel vulnerability in TLS implementation in Intel Active Management Technology before 12.0.5 may allow an unauthenticated user to potentially obtain the TLS session key via the network. | ||||
| CVE-2018-3615 | 1 Intel | 30 Core I3, Core I5, Core I7 and 27 more | 2024-11-21 | N/A |
| Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis. | ||||
| CVE-2018-3613 | 2 Redhat, Tianocore | 2 Enterprise Linux, Edk Ii | 2024-11-21 | N/A |
| Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access. | ||||
| CVE-2018-3612 | 1 Intel | 18 Ayaplcel.86a, Bios, Bnkbl357.86a and 15 more | 2024-11-21 | N/A |
| Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM). | ||||
| CVE-2018-3611 | 1 Intel | 1 Graphics Driver | 2024-11-21 | N/A |
| Bounds check vulnerability in User Mode Driver in Intel Graphics Driver 15.40.x.4 and 21.20.x.x allows unprivileged user to cause a denial of service via local access. | ||||
| CVE-2018-3610 | 1 Intel | 1 Driver \& Support Assistant | 2024-11-21 | N/A |
| SEMA driver in Intel Driver and Support Assistant before version 3.1.1 allows a local attacker the ability to read and writing to Memory Status registers potentially allowing information disclosure or a denial of service condition. | ||||
| CVE-2018-3609 | 1 Trendmicro | 1 Interscan Messaging Security Virtual Appliance | 2024-11-21 | N/A |
| A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations. | ||||
| CVE-2018-3608 | 2 Microsoft, Trendmicro | 7 Windows, Antivirus \+ Security, Internet Security and 4 more | 2024-11-21 | N/A |
| A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes. | ||||
| CVE-2018-3607 | 1 Trendmicro | 1 Control Manager | 2024-11-21 | N/A |
| XXXTreeNode method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | ||||
| CVE-2018-3606 | 1 Trendmicro | 1 Control Manager | 2024-11-21 | N/A |
| XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations. | ||||