CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26421
https://notcve.org/view.php?id=CVE-2022-26421
16 Feb 2023 — Uncontrolled search path element in the Intel(R) oneAPI DPC++/C++ Compiler Runtime before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26076
https://notcve.org/view.php?id=CVE-2022-26076
16 Feb 2023 — Uncontrolled search path element in the Intel(R) oneAPI Deep Neural Network (oneDNN) before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-26425
https://notcve.org/view.php?id=CVE-2022-26425
16 Feb 2023 — Uncontrolled search path element in the Intel(R) oneAPI Collective Communications Library (oneCCL) before version 2021.6 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25905
https://notcve.org/view.php?id=CVE-2022-25905
16 Feb 2023 — Uncontrolled search path element in the Intel(R) oneAPI Data Analytics Library (oneDAL) before version 2021.5 for Intel(R) oneAPI Base Toolkit may allow an authenticated user to potentially enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-25992
https://notcve.org/view.php?id=CVE-2022-25992
16 Feb 2023 — Insecure inherited permissions in the Intel(R) oneAPI Toolkits oneapi-cli before version 0.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26843
https://notcve.org/view.php?id=CVE-2022-26843
16 Feb 2023 — Insufficient visual distinction of homoglyphs presented to user in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.1 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-25987
https://notcve.org/view.php?id=CVE-2022-25987
16 Feb 2023 — Improper handling of Unicode encoding in source code to be compiled by the Intel(R) C++ Compiler Classic before version 2021.6 for Intel(R) oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38136
https://notcve.org/view.php?id=CVE-2022-38136
06 Feb 2023 — Uncontrolled search path in the Intel(R) oneAPI DPC++/C++ Compiler for Windows and Intel Fortran Compiler for Windows before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00773.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-40196
https://notcve.org/view.php?id=CVE-2022-40196
06 Feb 2023 — Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 and Intel C++ Compiler Classic before version 2021.7.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow an authenticated user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00773.html •
CVSS: 9.0EPSS: 94%CPEs: 96EXPL: 13CVE-2021-45046 – Apache Log4j2 Deserialization of Untrusted Data Vulnerability
https://notcve.org/view.php?id=CVE-2021-45046
14 Dec 2021 — It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some... • https://packetstorm.news/files/id/179987 • CWE-400: Uncontrolled Resource Consumption CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •