Filtered by vendor Intel Subscriptions
Total 1696 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2013-4218 1 Intel 1 Wimax Network Service 2025-04-11 N/A
The InitMethodAndPassword function in InfraStack/OSAgnostic/WiMax/Agents/Supplicant/Source/SupplicantAgent.c in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses the same RSA private key in supplicant_key.pem on all systems, which allows local users to obtain sensitive information via unspecified decryption operations.
CVE-2013-4786 2 Intel, Oracle 2 Intelligent Platform Management Interface, Fujitsu M10 Firmware 2025-04-11 N/A
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.
CVE-2008-7096 1 Intel 1 Bios 2025-04-09 N/A
Intel Desktop and Intel Mobile Boards with BIOS firmware DQ35JO, DQ35MP, DP35DP, DG33FB, DG33BU, DG33TL, MGM965TW, D945GCPE, and DX38BT allows local administrators with ring 0 privileges to gain additional privileges and modify code that is running in System Management Mode, or access hypervisory memory as demonstrated at Black Hat 2008 by accessing certain remapping registers in Xen 3.3.
CVE-2008-3900 1 Intel 1 Bios 2025-04-09 N/A
Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
CVE-2008-2707 2 Intel, Sun 4 Network Interface Controller, Opensolaris, Solaris and 1 more 2025-04-09 N/A
Unspecified vulnerability in the e1000g driver in Sun Solaris 10 and OpenSolaris before snv_93 allows remote attackers to cause a denial of service (network connectivity loss) via unknown vectors.
CVE-2007-5938 2 Intel, Redhat 3 Pro Wireless 3945abg, Wireless Wifi Link 4965agn, Enterprise Linux 2025-04-09 N/A
The iwl_set_rate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwl_get_hw_mode return value without checking for NULL, which might allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors during module initialization.
CVE-2007-0661 1 Intel 9 Enterprise Southbridge 2 Bmc, Enterprise Southbridge Bmc, Server Board S5000pal and 6 more 2025-04-09 N/A
Intel Enterprise Southbridge 2 Baseboard Management Controller (BMC), Intel Server Boards 5000XAL, S5000PAL, S5000PSL, S5000XVN, S5000VCL, S5000VSA, SC5400RA, and OEM Firmware for Intel Enterprise Southbridge Baseboard Management Controller before 20070119, when Intelligent Platform Management Interface (IPMI) is enabled, allow remote attackers to connect and issue arbitrary IPMI commands, possibly triggering a denial of service.
CVE-2007-4574 3 Amd, Intel, Redhat 3 Amd64, Ia64, Enterprise Linux 2025-04-09 N/A
Unspecified vulnerability in the "stack unwinder fixes" in kernel in Red Hat Enterprise Linux 5, when running on AMD64 and Intel 64, allows local users to cause a denial of service via unknown vectors.
CVE-2007-3851 3 Intel, Linux, Redhat 3 I915 Chipset, Linux Kernel, Enterprise Linux 2025-04-09 N/A
The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer.
CVE-2007-1307 2 Intel, Lenovo 2 Pro 1000 Lan Adapter, Thinkpad 2025-04-09 N/A
Unspecified vulnerability in Lenovo Intel PRO/1000 LAN adapter before Build 135400, as used on IBM Lenovo ThinkPad systems, has unknown impact and attack vectors.
CVE-2007-0686 1 Intel 1 2200bg Proset Wireless 2025-04-09 N/A
The Intel 2200BG 802.11 Wireless Mini-PCI driver 9.0.3.9 (w29n51.sys) allows remote attackers to cause a denial of service (system crash) via crafted disassociation packets, which triggers memory corruption of "internal kernel structures," a different vulnerability than CVE-2006-6651. NOTE: this issue might overlap CVE-2006-3992.
CVE-2006-6385 1 Intel 4 Pro 1000 Adapters, Pro 1000 Pcie Adapters, Pro 10 100 Adapters and 1 more 2025-04-09 N/A
Stack-based buffer overflow in Intel PRO 10/100, PRO/1000, and PRO/10GbE PCI, PCI-X, and PCIe network adapter drivers (aka NDIS miniport drivers) before 20061205 allows local users to execute arbitrary code with "kernel-level" privileges via an incorrect function call in certain OID handlers.
CVE-2006-7215 1 Intel 3 Core 2 Duo E4000, Core 2 Duo E6000, Core 2 Extreme X6800 2025-04-09 N/A
The Intel Core 2 Extreme processor X6800 and Core 2 Duo desktop processor E6000 and E4000 incorrectly set the memory page Access (A) bit for a page in certain circumstances involving proximity of the code segment limit to the end of a code page, which has unknown impact and attack vectors on certain operating systems other than OpenBSD, aka AI90.
CVE-2006-6651 1 Intel 1 2200bg Proset Wireless 2025-04-09 N/A
Race condition in W29N51.SYS in the Intel 2200BG wireless driver 9.0.3.9 allows remote attackers to cause memory corruption and execute arbitrary code via a series of crafted beacon frames. NOTE: some details are obtained solely from third party information.
CVE-2009-4419 1 Intel 5 Gm45 Chipset, Pm45 Express Chipset, Q35 Chipset and 2 more 2025-04-09 N/A
Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which prevents the SENTER instruction from properly applying VT-d protection while an MLE is being loaded.
CVE-2009-1385 3 Intel, Linux, Redhat 6 E1000, Kernel, Linux Kernel and 3 more 2025-04-09 N/A
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.
CVE-2008-3635 3 Apple, Intel, Microsoft 5 Quicktime, Indeo, Windows-nt and 2 more 2025-04-09 N/A
Stack-based buffer overflow in QuickTimeInternetExtras.qtx in an unspecified third-party Indeo v3.2 (aka IV32) codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
CVE-2009-0066 1 Intel 1 Trusted Execution Technology 2025-04-09 N/A
Multiple unspecified vulnerabilities in Intel system software for Trusted Execution Technology (TXT) allow attackers to bypass intended loader integrity protections, as demonstrated by exploitation of tboot. NOTE: as of 20090107, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
CVE-2021-44228 13 Apache, Apple, Bentley and 10 more 178 Log4j, Xcode, Synchro and 175 more 2025-04-03 10 Critical
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
CVE-2006-0081 1 Intel 1 Graphics Accelerator Driver 2025-04-03 N/A
ialmnt5.sys in the ialmrnt5 display driver in Intel Graphics Accelerator Driver 6.14.10.4308 allows attackers to cause a denial of service (crash or screen resolution change) via a long text field, as demonstrated using a long window title.