Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 6.9

    MEDIUM
    CVE-2023-38655

    Improper buffer restrictions in firmware for some Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable denial of service via network access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 6.8

    MEDIUM
    CVE-2024-21806

    Improper conditions check in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an authenticated user to potentially enable denial of service via local access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 8.3

    HIGH
    CVE-2024-21801

    Insufficient control flow management in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable denial of service via local access.... Read more

    Affected Products : tdx_module_software
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 6.7

    MEDIUM
    CVE-2024-22378

    Incorrect default permissions in some Intel Unite(R) Client Extended Display Plugin software installers before version 1.1.352.157 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products : unite
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 7.8

    HIGH
    CVE-2023-42667

    Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 7.0

    HIGH
    CVE-2024-24983

    Protection mechanism failure in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 4.4 may allow an unauthenticated user to potentially enable denial of service via network access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 9.3

    CRITICAL
    CVE-2024-21807

    Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 8.1

    HIGH
    CVE-2023-49144

    Out of bounds read in OpenBMC Firmware for some Intel(R) Server Platforms before versions egs-1.15-0, bhs-0.27 may allow a privileged user to potentially enable information disclosure via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 7.1

    HIGH
    CVE-2024-21787

    Inadequate encryption strength for some BMRA software before version 22.08 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 6.7

    MEDIUM
    CVE-2024-23974

    Incorrect default permissions in some Intel(R) ISH software installers may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 6.8

    MEDIUM
    CVE-2024-22374

    Insufficient control flow management for some Intel(R) Xeon Processors may allow an authenticated user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 6.9

    MEDIUM
    CVE-2024-24980

    Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 6.7

    MEDIUM
    CVE-2023-34424

    Improper input validation in firmware for some Intel(R) CSME may allow a privileged user to potentially enable denial of service via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 7.3

    HIGH
    CVE-2024-24853

    Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access.... Read more

    Affected Products :
    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024
  • 7.0

    HIGH
    • Actively Exploited
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024
  • 8.8

    HIGH
    CVE-2024-42738

    In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setDmzCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024
  • 6.8

    MEDIUM
    CVE-2024-41711

    A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, through R6.4.0.HF1 (R6.4.0.136) could allow an unauthenticated attacker with physical access to the phone to conduct an argument inject... Read more

    Affected Products :
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024
  • 7.5

    HIGH
    • Actively Exploited
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024
  • 7.8

    HIGH
    CVE-2024-38107

    Windows Power Dependency Coordinator Elevation of Privilege Vulnerability... Read more

    • Actively Exploited
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024
  • 8.8

    HIGH
    CVE-2024-42739

    In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setAccessDeviceCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.... Read more

    Affected Products : x5000r_firmware x5000r
    • Published: Aug. 13, 2024
    • Modified: Aug. 14, 2024
Showing 20 of 291541 Results