CVSS: 8.7EPSS: 0%CPEs: 46EXPL: 0CVE-2023-43626
https://notcve.org/view.php?id=CVE-2023-43626
16 Sep 2024 — Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01071.html • CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: 419EXPL: 0CVE-2021-33150
https://notcve.org/view.php?id=CVE-2021-33150
11 Mar 2022 — Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. El hardware permite una activación de la lógica de prueba o depuración en tiempo de ejecución para algunas instancias del Intel(R) Trace Hub, lo que puede permitir que un usuario no autenticado habilite potencialmente la escalada de privilegios por medio del acceso físico • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00609.html •
CVSS: 5.6EPSS: 1%CPEs: 1321EXPL: 1CVE-2020-0551
https://notcve.org/view.php?id=CVE-2020-0551
12 Mar 2020 — Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html Una inyección de valor de carga en algunos Procesadores Intel® que utilizan una ejecución especulativa puede permitir a un usuario autenticado habilitar potencialmente un... • https://github.com/bitdefender/lvi-lfb-attack-poc •
CVSS: 8.2EPSS: 0%CPEs: 568EXPL: 0CVE-2019-11137
https://notcve.org/view.php?id=CVE-2019-11137
14 Nov 2019 — Insufficient input validation in system firmware for Intel(R) Xeon(R) Scalable Processors, Intel(R) Xeon(R) Processors D Family, Intel(R) Xeon(R) Processors E5 v4 Family, Intel(R) Xeon(R) Processors E7 v4 Family and Intel(R) Atom(R) processor C Series may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Una comprobación de entrada insuficiente en el firmware del sistema para Intel® Xeon® Scalable Processors, Intel® Xeon®... • https://support.f5.com/csp/article/K56215245?utm_source=f5support&%3Butm_medium=RSS • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 568EXPL: 0CVE-2019-11136
https://notcve.org/view.php?id=CVE-2019-11136
14 Nov 2019 — Insufficient access control in system firmware for Intel(R) Xeon(R) Scalable Processors, 2nd Generation Intel(R) Xeon(R) Scalable Processors and Intel(R) Xeon(R) Processors D Family may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access. Un control de acceso insuficiente en el firmware del sistema para Intel® Xeon® Scalable Processors, 2nd Generation Intel® Xeon® Scalable Processors y Intel® Xeon® Processors D Family, puede... • https://support.f5.com/csp/article/K56215245?utm_source=f5support&%3Butm_medium=RSS •
CVSS: 6.0EPSS: 0%CPEs: 311EXPL: 0CVE-2017-5703
https://notcve.org/view.php?id=CVE-2017-5703
03 Apr 2018 — Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service. La configuración de SPI Flash, en plataformas basadas en múltiples plataformas de Intel, permite que un atacante local altere el comportamiento del flash SPI. Esto podría conducir a una denegación de servicio (DoS). • http://www.securitytracker.com/id/1040626 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 2CVE-2017-5925
https://notcve.org/view.php?id=CVE-2017-5925
27 Feb 2017 — Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. Los paseos de la tabla de páginas llevados a cabo por la MMU durante la traducción de la dirección virtual a física dejan un rastro en la caché de último nivel de los procesadores Intel modernos. Realizando un ataque de cana... • http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 2CVE-2017-5926
https://notcve.org/view.php?id=CVE-2017-5926
27 Feb 2017 — Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. Los paseos de la tabla de páginas llevados a cabo por la MMU durante la traducción de la dirección virtual a física dejan un rastro en la caché de último nivel de los procesadores AMD modernos. Realizando un ataque de canal la... • http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 2CVE-2017-5927
https://notcve.org/view.php?id=CVE-2017-5927
27 Feb 2017 — Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR. Los paseos de la tabla de páginas llevados a cabo por la MMU durante la traducción de la dirección virtual a física dejan un rastro en la caché de último nivel de los procesadores ARM modernos. Realizando un ataque de canal la... • http://www.cs.vu.nl/~herbertb/download/papers/anc_ndss17.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •