CVE-2019-0136
Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
Source: CVE-2019-0136
[월:] 2019년 06월
CVE-2019-0130
CVE-2019-0130
Reflected XSS in web interface for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an unauthenticated user to potentially enable denial of service via network access.
Source: CVE-2019-0130
CVE-2018-12147
CVE-2018-12147
Insufficient input validation in HECI subsystem in Intel(R) CSME before version 11.21.55, Intel? Server Platform Services before version 4.0 and Intel? Trusted Execution Engine Firmware before version 3.1.55 may allow a privileged user to potentially enable escalation of privileges via local access.
Source: CVE-2018-12147
CVE-2019-0164
CVE-2019-0164
Improper permissions in the installer for Intel(R) Turbo Boost Max Technology 3.0 driver version 1.0.0.1035 and before may allow an authenticated user to potentially enable escalation of privilege via local access.
Source: CVE-2019-0164
CVE-2019-0174
CVE-2019-0174
Logic condition in specific microprocessors may allow an authenticated user to potentially enable partial physical address information disclosure via local access.
Source: CVE-2019-0174
CVE-2018-3702
CVE-2018-3702
Improper permissions in the installer for the ITE Tech* Consumer Infrared Driver for Windows 10 versions before 5.4.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Source: CVE-2018-3702
CVE-2019-0157
CVE-2019-0157
Insufficient input validation in the Intel(R) SGX driver for Linux may allow an authenticated user to potentially enable a denial of service via local access.
Source: CVE-2019-0157
CVE-2019-0311
CVE-2019-0311
Automotive Dealer Portal in SAP R/3 Enterprise Application (versions: 600, 602, 603, 604, 605, 606, 616, 617) does not sufficiently encode user-controlled inputs, this makes it possible for an attacker to send unwanted scripts to the browser of the victim using unwanted input and execute malicious code there, resulting in Cross-Site Scripting (XSS) vulnerability.
Source: CVE-2019-0311
CVE-2019-0312
CVE-2019-0312
Several web pages provided SAP NetWeaver Process Integration (versions: SAP_XIESR: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP_XITOOL: 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50) are not password protected. An attacker could access landscape information like host names, ports or other technical data in the absence of restrictive firewall and port settings.
Source: CVE-2019-0312
CVE-2019-0315
CVE-2019-0315
Under certain conditions the PI Integration Builder Web UI of SAP NetWeaver Process Integration (versions: SAP_XIESR: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, SAP_XITOOL: 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50 and SAP_XIPCK 7.10 to 7.11, 7.20, 7.30) allows an attacker to access passwords used in FTP channels leading to information disclosure.
Source: CVE-2019-0315