CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29515
https://notcve.org/view.php?id=CVE-2022-29515
11 Nov 2022 — Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access. La falta de liberación de memoria después de la vida útil efectiva del firmware para Intel(R) SPS anterior a las versiones SPS_E3_06.00.03.035.0 puede permitir que un usuario privilegiado habilite potencialmente la Denegación de Servicio (DoS) a través del acceso local. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29466
https://notcve.org/view.php?id=CVE-2022-29466
11 Nov 2022 — Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access. Una validación de entrada incorrecta en el firmware para Intel(R) SPS anterior a la versión SPS_E3_04.01.04.700.0 puede permitir que un usuario autenticado habilite potencialmente la Denegación de Servicio (DoS) a través del acceso local. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html • CWE-20: Improper Input Validation •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26074
https://notcve.org/view.php?id=CVE-2022-26074
18 Aug 2022 — Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access. Una saneo incompleto en un subsistema de firmware para Intel(R) SPS versiones anteriores a SPS_E3_04.08.04.330.0 y SPS_E3_04.01.04.530.0, puede permitir que un usuario privilegiado permita potencialmente la denegación de servicio por acceso local. • https://security.netapp.com/advisory/ntap-20220930-0003 • CWE-459: Incomplete Cleanup •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2018-12147
https://notcve.org/view.php?id=CVE-2018-12147
13 Jun 2019 — Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel® Server Platform Services before version 4.0 and Intel® Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access. La validación de entrada insuficiente en el subsistema HECI en Intel (R) CSME anterior a la versión 11.21.55, los Servicios de plataforma de servidor Intel® anterior a la versión 4.0 y el Firmware Intel® Trusted... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-0099
https://notcve.org/view.php?id=CVE-2019-0099
17 May 2019 — Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Una vulnerabilidad de control de acceso insuficiente en el subsistema en Intel (R) SPS anterior a la versión SPS_E3_05.00.04.027.0, puede permitir que un usuario no autenticado habilite potencialmente un aumento de privilegios por medio de un acceso físico. • https://support.f5.com/csp/article/K30105730 •
CVSS: 7.6EPSS: 0%CPEs: 7EXPL: 0CVE-2018-12208
https://notcve.org/view.php?id=CVE-2018-12208
14 Mar 2019 — Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access. Desbordamiento de búfer en el subsistema HECI de Intel(R) CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel (R) TXE, en versiones anteriores a la 3.1.60 o 4.0.10; o I... • https://security.netapp.com/advisory/ntap-20190318-0001 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 0%CPEs: 8EXPL: 0CVE-2018-12191
https://notcve.org/view.php?id=CVE-2018-12191
14 Mar 2019 — Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access. La comprobación de límites en el subsistema del kernel en Intel CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel(R) Server Platform Services, en vers... • https://security.netapp.com/advisory/ntap-20190318-0001 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2018-12192
https://notcve.org/view.php?id=CVE-2018-12192
14 Mar 2019 — Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access. Un error de lógica en el subsistema del kernel en Intel CSME, en versiones anteriores a las 11.8.60, 11.11.60, 11.22.60 o 12.0.20; o Intel(R) Server Platform Services, en versiones anteriores a la SPS_E5_04.00.04.393.0, podría permitir que un... • https://security.netapp.com/advisory/ntap-20190318-0001 • CWE-287: Improper Authentication •
CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0CVE-2018-12198
https://notcve.org/view.php?id=CVE-2018-12198
14 Mar 2019 — Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access. Validación de entradas insuficiente en el subsistema de Intel(R) Server Platform Services HECI, en versiones anteriores a la SPS_E5_04.00.04.393.0, podría permitir que usuarios privilegiados puedan provocar una denegación de servicio (DoS) mediante acceso local. • https://security.netapp.com/advisory/ntap-20190318-0001 • CWE-20: Improper Input Validation •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2018-3643
https://notcve.org/view.php?id=CVE-2018-3643
12 Sep 2018 — A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code. Una vulnerabilidad en el firmware Power Management Controller en sistemas que emplean un CSME (Intel® Conv... • https://security.netapp.com/advisory/ntap-20180924-0002 •