U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*
There are 55 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2023-25756

Out-of-bounds read in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via adjacent access.

Published: November 14, 2023; 2:15:19 PM -0500
V3.1: 8.0 HIGH
V2.0:(not available)
CVE-2023-22329

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via adjacent access.

Published: November 14, 2023; 2:15:17 PM -0500
V3.1: 3.5 LOW
V2.0:(not available)
CVE-2022-44611

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.

Published: August 10, 2023; 11:15:15 PM -0400
V3.1: 8.0 HIGH
V2.0:(not available)
CVE-2022-43505

Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access.

Published: August 10, 2023; 11:15:15 PM -0400
V3.1: 4.4 MEDIUM
V2.0:(not available)
CVE-2022-40982

Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Published: August 10, 2023; 11:15:14 PM -0400
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2022-36392

Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.

Published: August 10, 2023; 11:15:13 PM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-29871

Improper access control in the Intel(R) CSME software installer before version 2239.3.7.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Published: August 10, 2023; 11:15:12 PM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-38087

Exposure of resource to wrong sphere in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

Published: May 10, 2023; 10:15:13 AM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-33894

Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Published: May 10, 2023; 10:15:12 AM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-29901

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.

Published: July 12, 2022; 3:15:08 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 1.9 LOW
CVE-2022-21180

Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access.

Published: June 15, 2022; 5:15:09 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2022-21151

Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Published: May 12, 2022; 1:15:09 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2022-0004

Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Published: May 12, 2022; 1:15:09 PM -0400
V3.1: 6.8 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-33124

Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Published: May 12, 2022; 1:15:09 PM -0400
V3.1: 6.7 MEDIUM
V2.0: 7.2 HIGH
CVE-2021-33123

Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Published: May 12, 2022; 1:15:09 PM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-33150

Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

Published: March 11, 2022; 1:15:20 PM -0500
V3.1: 6.8 MEDIUM
V2.0: 4.6 MEDIUM
CVE-2021-33107

Insufficiently protected credentials in USB provisioning for Intel(R) AMT SDK before version 16.0.3, Intel(R) SCS before version 12.2 and Intel(R) MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unauthenticated user to potentially enable information disclosure via physical access.

Published: February 09, 2022; 6:15:15 PM -0500
V3.1: 4.6 MEDIUM
V2.0: 2.1 LOW
CVE-2021-0156

Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.

Published: February 09, 2022; 6:15:13 PM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-0127

Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access.

Published: February 09, 2022; 6:15:13 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-0125

Improper initialization in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via physical access.

Published: February 09, 2022; 6:15:13 PM -0500
V3.1: 6.6 MEDIUM
V2.0: 4.6 MEDIUM