Summary
| Detail | |||
|---|---|---|---|
| Vendor | Intel | First view | 2019-11-14 |
| Product | Core i7-9850h Firmware | Last view | 2023-11-14 |
| Version | - | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:intel:core_i7-9850h_firmware | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 8 | 2023-11-14 | CVE-2023-25756 | Out-of-bounds read in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via adjacent access. |
| 3.5 | 2023-11-14 | CVE-2023-22329 | Improper input validation in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via adjacent access. |
| 8 | 2023-08-11 | CVE-2022-44611 | Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. |
| 4.4 | 2023-08-11 | CVE-2022-43505 | Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. |
| 5.5 | 2023-05-10 | CVE-2022-38087 | Exposure of resource to wrong sphere in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. |
| 7.8 | 2023-05-10 | CVE-2022-33894 | Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. |
| 4.4 | 2023-02-16 | CVE-2022-38090 | Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access. |
| 5.5 | 2022-08-18 | CVE-2022-26373 | Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. |
| 5.5 | 2022-06-15 | CVE-2022-21180 | Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access. |
| 5.5 | 2022-05-12 | CVE-2022-21151 | Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
| 2.4 | 2022-05-12 | CVE-2022-0005 | Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access. |
| 6.7 | 2022-05-12 | CVE-2021-33124 | Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. |
| 7.8 | 2022-05-12 | CVE-2021-33123 | Improper access control in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. |
| 7.8 | 2022-05-12 | CVE-2021-33122 | Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. |
| 6.7 | 2022-05-12 | CVE-2021-33103 | Unintended intermediary in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. |
| 5.5 | 2020-11-12 | CVE-2020-8695 | Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. |
| 5.5 | 2020-11-12 | CVE-2020-8694 | Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
| 5.5 | 2020-01-28 | CVE-2020-0549 | Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
| 5.5 | 2020-01-28 | CVE-2020-0548 | Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
| 5.3 | 2019-12-16 | CVE-2019-14607 | Improper conditions check in multiple IntelĀ® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access. |
| 6.7 | 2019-12-16 | CVE-2019-11157 | Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access. |
| 5.5 | 2019-11-14 | CVE-2019-0185 | Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 families; Intel(R) Xeon(R) E-2100 and E-2200 Processor families with Intel(R) Processor Graphics may allow a privileged user to potentially enable information disclosure via local access. |
| 5.5 | 2019-11-14 | CVE-2019-0184 | Insufficient access control in protected memory subsystem for Intel(R) TXT for 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 Families; Intel(R) Xeon(R) E-2100 and E-2200 Processor Families with Intel(R) Processor Graphics and Intel(R) TXT may allow a privileged user to potentially enable information disclosure via local access. |
| 6.7 | 2019-11-14 | CVE-2019-0151 | Insufficient memory protection in Intel(R) TXT for certain Intel(R) Core Processors and Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. |
| 7.8 | 2019-11-14 | CVE-2019-0124 | Insufficient memory protection in Intel(R) 6th Generation Core Processors and greater, supporting TXT, may allow a privileged user to potentially enable escalation of privilege via local access. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 18% (2) | CWE-404 | Improper Resource Shutdown or Release |
| 18% (2) | CWE-20 | Improper Input Validation |
| 9% (1) | CWE-787 | Out-of-bounds Write |
| 9% (1) | CWE-754 | Improper Check for Unusual or Exceptional Conditions |
| 9% (1) | CWE-668 | Exposure of Resource to Wrong Sphere |
| 9% (1) | CWE-319 | Cleartext Transmission of Sensitive Information |
| 9% (1) | CWE-203 | Information Exposure Through Discrepancy |
| 9% (1) | CWE-125 | Out-of-bounds Read |
| 9% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
