Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.2

    HIGH
    CVE-2018-12202

    Privilege escalation vulnerability in Platform Sample/ Silicon Reference firmware for 8th Generation Intel(R) Core Processor, 7th Generation Intel(R) Core Processor may allow privileged user to potentially leverage existing features via local access.... Read more

    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2018-12201

    Buffer overflow vulnerability in Platform Sample / Silicon Reference firmware for 8th Generation Intel(R) Core Processor, 7th Generation Intel(R) Core Processor, Intel(R) Pentium(R) Silver J5005 Processor, Intel(R) Pentium(R) Silver N5000 Processor, Intel... Read more

    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2018-12200

    Insufficient access control in Intel(R) Capability Licensing Service before version 1.50.638.1 may allow an unprivileged user to potentially escalate privileges via local access.... Read more

    Affected Products : capability_licensing_service
    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2018-12199

    Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.... Read more

    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.0

    MEDIUM
    CVE-2018-12198

    Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access.... Read more

    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2018-12196

    Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.... Read more

    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-12193

    Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.... Read more

    Affected Products : quickassist_technology
    • Published: Oct. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2018-12192

    Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via ph... Read more

    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 7.6

    HIGH
    CVE-2018-12191

    Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauth... Read more

    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2018-12190

    Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.... Read more

    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 4.4

    MEDIUM
    CVE-2018-12189

    Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.... Read more

    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 4.6

    MEDIUM
    CVE-2018-12188

    Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.... Read more

    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2018-12187

    Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially cause a denial of service via network access.... Read more

    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2018-12185

    Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.... Read more

    • Published: Mar. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2018-12183

    Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.... Read more

    Affected Products : edk_ii
    • Published: Mar. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2018-12182

    Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.... Read more

    Affected Products : edk_ii
    • Published: Mar. 27, 2019
    • Modified: Nov. 21, 2024

  • 6.0

    MEDIUM
    CVE-2018-12181

    Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.... Read more

    Affected Products : edk_ii
    • Published: Mar. 27, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-12180

    Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.... Read more

    Affected Products : leap edk_ii
    • Published: Mar. 27, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-12179

    Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.... Read more

    Affected Products : edk_ii
    • Published: Mar. 27, 2019
    • Modified: Nov. 21, 2024

  • 9.1

    CRITICAL
    CVE-2018-12178

    Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network.... Read more

    Affected Products : edk_ii
    • Published: Mar. 27, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 294630 Results