Search Results (Refine Search)
- Results Type: Overview
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-0119 |
Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R) Processor D Family, Intel(R) Xeon(R) Scalable Processor, Intel(R) Server Board, Intel(R) Server System and Intel(R) Compute Module may allow a privileged user to potentially enable escalation of privilege and/or denial of service via local access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.7 MEDIUM V2.0: 7.2 HIGH |
CVE-2019-0116 |
An out of bound read in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow a privileged user to potentially enable denial of service via local access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2019-0115 |
Insufficient input validation in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable denial of service via local access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2019-0114 |
A race condition in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 4.7 MEDIUM V2.0: 1.9 LOW |
CVE-2019-0113 |
Insufficient bounds checking in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2019-0099 |
Insufficient access control vulnerability in subsystem in Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.8 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-0098 |
Logic bug vulnerability in subsystem for Intel(R) CSME before version 12.0.35, Intel(R) TXE before 3.1.65, 4.0.15 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 6.8 MEDIUM V2.0: 7.2 HIGH |
CVE-2019-0097 |
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before version 12.0.35 may allow a privileged user to potentially enable denial of service via network access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 4.9 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2019-0096 |
Out of bound write vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an authenticated user to potentially enable escalation of privilege via adjacent network access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.1: 8.0 HIGH V2.0: 5.2 MEDIUM |
CVE-2019-0094 |
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable denial of service via adjacent network access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0: 3.3 LOW |
CVE-2019-0093 |
Insufficient data sanitization vulnerability in HECI subsystem for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow a privileged user to potentially enable information disclosure via local access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 4.4 MEDIUM V2.0: 2.1 LOW |
CVE-2019-0092 |
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.1: 6.8 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-0091 |
Code injection vulnerability in installer for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access. Published: May 17, 2019; 12:29:01 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2019-0090 |
Insufficient access control vulnerability in subsystem for Intel(R) CSME before versions 11.x, 12.0.35 Intel(R) TXE 3.x, 4.x, Intel(R) Server Platform Services 3.x, 4.x, Intel(R) SPS before version SPS_E3_05.00.04.027.0 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Published: May 17, 2019; 12:29:00 PM -0400 |
V4.0:(not available) V3.1: 7.1 HIGH V2.0: 4.4 MEDIUM |
CVE-2019-0089 |
Improper data sanitization vulnerability in subsystem in Intel(R) SPS before versions SPS_E5_04.00.04.381.0, SPS_E3_04.01.04.054.0, SPS_SoC-A_04.00.04.181.0, and SPS_SoC-X_04.00.04.086.0 may allow a privileged user to potentially enable escalation of privilege via local access. Published: May 17, 2019; 12:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.7 MEDIUM V2.0: 4.6 MEDIUM |
CVE-2019-0086 |
Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access. Published: May 17, 2019; 12:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2018-3701 |
Improper directory permissions in the installer for Intel(R) PROSet/Wireless WiFi Software version 20.100 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. Published: May 17, 2019; 12:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2018-20500 |
An insecure permissions issue was discovered in GitLab Community and Enterprise Edition 9.4 and later but before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. The runner registration token in the CI/CD settings could not be reset. This was a security risk if one of the maintainers leaves the group and they know the token. Published: May 17, 2019; 12:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-19585 |
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol. Published: May 17, 2019; 12:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-17181 |
An issue was discovered in OpenEMR before 5.0.1 Patch 7. SQL Injection exists in the SaveAudit function in /portal/lib/paylib.php and the portalAudit function in /portal/lib/appsql.class.php. Published: May 17, 2019; 12:29:00 PM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |