Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334: https://www.intel.com/content/www/us/en/se...
5.6CVSS
5.3AI Score
0.0004EPSS
Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access.
7.8CVSS
7.8AI Score
0.0004EPSS
Improper access control in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.
4.4CVSS
4.6AI Score
0.0004EPSS
Incorrect default permissions in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable a denial of service via local access.
4.4CVSS
4.6AI Score
0.0004EPSS
Insufficient control flow management in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable an escalation of privilege via local access.
7.8CVSS
7.6AI Score
0.0004EPSS
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
6.7CVSS
6.6AI Score
0.0004EPSS
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
6.7CVSS
6.6AI Score
0.0004EPSS
NULL pointer dereference in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
6.7CVSS
6.6AI Score
0.0004EPSS
Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
6.7CVSS
6.7AI Score
0.0004EPSS
Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
6.7CVSS
6.9AI Score
0.0004EPSS
Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a denial of service via local access.
5.5CVSS
5AI Score
0.0004EPSS
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged user to potentially enable an escalation of privilege via local access.
6.7CVSS
6.5AI Score
0.0004EPSS
Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage.
5.5CVSS
6.4AI Score
0.001EPSS
Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage.
5.5CVSS
6.4AI Score
0.001EPSS
Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
6.5CVSS
6.7AI Score
0.0005EPSS
Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
6.5CVSS
6.6AI Score
0.0005EPSS