Latest CVE Feed
-
2.4
LOWCVE-2022-0005
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.... Read more
- EPSS Score: %0.04
- Published: May. 12, 2022
- Modified: May. 05, 2025
-
7.2
HIGHCVE-2022-0004
Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access.... Read more
- EPSS Score: %0.12
- Published: May. 12, 2022
- Modified: May. 05, 2025
-
6.5
MEDIUMCVE-2022-0002
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.... Read more
- EPSS Score: %0.70
- Published: Mar. 11, 2022
- Modified: May. 05, 2025
-
6.5
MEDIUMCVE-2022-0001
Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.... Read more
- EPSS Score: %0.43
- Published: Mar. 11, 2022
- Modified: May. 05, 2025
-
7.5
HIGHCVE-2021-46828
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.... Read more
- EPSS Score: %0.37
- Published: Jul. 20, 2022
- Modified: May. 05, 2025
-
8.1
HIGHCVE-2021-46143
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.... Read more
- EPSS Score: %4.08
- Published: Jan. 06, 2022
- Modified: May. 05, 2025
-
9.0
HIGHCVE-2021-45960
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).... Read more
- EPSS Score: %0.37
- Published: Jan. 01, 2022
- Modified: May. 05, 2025
-
6.5
MEDIUMCVE-2021-44545
Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access.... Read more
Affected Products : wi-fi_6_ax201_firmware wi-fi_6_ax200_firmware killer_ac_1550_firmware killer_wi-fi_6_ax1650_firmware killer_wi-fi_6e_ax1675_firmware proset_wi-fi_6e_ax210_firmware killer_wi-fi_6e_ax1690_firmware wi-fi_6e_ax411_firmware wi-fi_6e_ax211_firmware killer_wi-fi_6e_ax1675 +8 more products- EPSS Score: %0.12
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2021-44470
Incorrect default permissions for the Intel(R) Connect M Android application before version 1.7.4 may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : connect_m- EPSS Score: %0.04
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
7.8
HIGHCVE-2021-44454
Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more
Affected Products : quartus_prime- EPSS Score: %0.06
- Published: Feb. 09, 2022
- Modified: May. 05, 2025
-
9.6
CRITICALCVE-2021-43523
In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or i... Read more
- EPSS Score: %2.39
- Published: Nov. 10, 2021
- Modified: May. 05, 2025
-
5.3
MEDIUMCVE-2021-42374
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that... Read more
Affected Products : fedora cloud_backup hci_management_node solidfire h300s_firmware h500s_firmware h700s_firmware h410s_firmware busybox h300s +9 more products- EPSS Score: %0.07
- Published: Nov. 15, 2021
- Modified: May. 05, 2025
-
8.8
HIGHCVE-2021-38111
The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI (Near Field Magnetic Induction) protocol.... Read more
- EPSS Score: %0.32
- Published: Aug. 04, 2021
- Modified: May. 05, 2025
-
7.8
HIGHCVE-2021-37409
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.... Read more
Affected Products : wi-fi_6_ax201_firmware wi-fi_6_ax200_firmware wireless-ac_9560_firmware wireless-ac_9462_firmware wireless-ac_9461_firmware wireless-ac_9260_firmware killer_ac_1550_firmware killer_wi-fi_6_ax1650_firmware killer_wi-fi_6e_ax1675_firmware proset_wi-fi_6e_ax210_firmware +16 more products- EPSS Score: %0.07
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2021-36980
Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.... Read more
Affected Products : openvswitch- EPSS Score: %0.07
- Published: Jul. 20, 2021
- Modified: May. 05, 2025
-
7.8
HIGHCVE-2021-33847
Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more
Affected Products : wi-fi_6_ax201_firmware wi-fi_6_ax200_firmware wireless-ac_9560_firmware wireless-ac_9462_firmware wireless-ac_9461_firmware wireless-ac_9260_firmware dual_band_wireless-ac_8265_firmware dual_band_wireless-ac_8260_firmware dual_band_wireless-ac_3168_firmware dual_band_wireless-ac_3165_firmware +26 more products- EPSS Score: %0.06
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2021-33166
Incorrect default permissions for the Intel(R) RXT for Chromebook application, all versions, may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- EPSS Score: %0.04
- Published: Feb. 09, 2022
- Modified: May. 05, 2025
-
5.7
MEDIUMCVE-2021-33155
Improper input validation in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access.... Read more
Affected Products : ac_9461_firmware ac_9462_firmware ac_9560_firmware ax210_firmware ax201_firmware ax200_firmware ac_9260_firmware ac_8265_firmware ac_8260_firmware ac_3165_firmware +22 more products- EPSS Score: %0.10
- Published: Feb. 09, 2022
- Modified: May. 05, 2025
-
6.8
MEDIUMCVE-2021-33150
Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.... Read more
Affected Products : core_i7-10700k core_i7-7700k atom_c3308 atom_c3336 atom_c3338 atom_c3338r atom_c3436l atom_c3508 atom_c3538 atom_c3558 +409 more products- EPSS Score: %0.33
- Published: Mar. 11, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2021-33149
Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.... Read more
- EPSS Score: %0.08
- Published: May. 12, 2022
- Modified: May. 05, 2025