cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-0099,https://securityvulnerability.io/vulnerability/CVE-2019-0099,Insufficient Access Control in Intel SPS Products,"An insufficient access control issue exists within the Intel(R) Server Platform Services (SPS) that may allow an unauthenticated user with physical access to the device to potentially escalate their privileges. This could lead to unauthorized actions that the user normally would not have permissions to execute, compromising the integrity of the system. It is crucial for users and administrators to apply the necessary updates to ensure system security and mitigate this risk.",Intel,"Intel(r) Server Platform Services (sps), Intel (r) Trusted Execution Engine Interface (txe)",6.8,MEDIUM,0.0007699999841861427,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0089,https://securityvulnerability.io/vulnerability/CVE-2019-0089,Improper Data Sanitization in Intel SPS Products,"An improper data sanitization vulnerability exists in a subsystem of Intel SPS products, which may allow an attacker with local access and sufficient privileges to escalate their privileges and potentially execute unauthorized commands. This issue could expose systems to further security risks, as users with elevated privileges may gain modifications to sensitive configurations and data.",Intel,Intel(r) Server Platform Services (sps),6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0090,https://securityvulnerability.io/vulnerability/CVE-2019-0090,Insufficient Access Control in Intel(R) CSME and Server Platform Services,"An insufficient access control vulnerability exists in the Intel(R) CSME, TXE, and Server Platform Services prior to specific versions. This flaw could allow an unauthenticated user with physical access to exploit the vulnerability and potentially escalate privileges, posing significant security risks to affected systems.",Intel,"Intel(r) Converged Security & Management Engine (csme), Intel(r) Server Platform Services (sps)",7.1,HIGH,0.0007699999841861427,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2019-0093,https://securityvulnerability.io/vulnerability/CVE-2019-0093,Insufficient Data Sanitization Vulnerability in Intel CSME and SPS Systems,"A significant vulnerability in the Intel HECI subsystem affects the CSME and SPS products, due to insufficient data sanitization. This flaw allows a privileged user to potentially disclose sensitive information through local access. Users operating under these affected versions are urged to evaluate their systems and apply necessary updates to safeguard against potential exploits.",Intel,"Intel(r) Converged Security & Management Engine (csme), Intel(r) Server Platform Services (sps)",4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-05-17T15:41:38.000Z,0
CVE-2018-12191,https://securityvulnerability.io/vulnerability/CVE-2018-12191,,"Bounds check in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before versions 4.00.04.383 or SPS 4.01.02.174, or Intel(R) TXE before versions 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially execute arbitrary code via physical access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",7.6,HIGH,0.003539999946951866,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12198,https://securityvulnerability.io/vulnerability/CVE-2018-12198,,Insufficient input validation in Intel(R) Server Platform Services HECI subsystem before version SPS_E5_04.00.04.393.0 may allow privileged user to potentially cause a denial of service via local access.,Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12199,https://securityvulnerability.io/vulnerability/CVE-2018-12199,,"Buffer overflow in an OS component in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel TXE version before 3.1.60 or 4.0.10 may allow a privileged user to potentially execute arbitrary code via physical access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6.2,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12187,https://securityvulnerability.io/vulnerability/CVE-2018-12187,,"Insufficient input validation in Intel(R) Active Management Technology (Intel(R) AMT) before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially cause a denial of service via network access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",7.5,HIGH,0.0010999999940395355,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12188,https://securityvulnerability.io/vulnerability/CVE-2018-12188,,"Insufficient input validation in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before version 3.1.60 or 4.0.10 may allow an unauthenticated user to potentially modify data via physical access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",4.6,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12189,https://securityvulnerability.io/vulnerability/CVE-2018-12189,,"Unhandled exception in Content Protection subsystem in Intel CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel TXE before 3.1.60 or 4.0.10 may allow privileged user to potentially modify data via local access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",4.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12196,https://securityvulnerability.io/vulnerability/CVE-2018-12196,,"Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow a privileged user to potentially execute arbitrary code via local access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12190,https://securityvulnerability.io/vulnerability/CVE-2018-12190,,"Insufficient input validation in Intel(r) CSME subsystem before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 or Intel(r) TXE before 3.1.60 or 4.0.10 may allow a privileged user to potentially enable an escalation of privilege via local access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12200,https://securityvulnerability.io/vulnerability/CVE-2018-12200,,Insufficient access control in Intel(R) Capability Licensing Service before version 1.50.638.1 may allow an unprivileged user to potentially escalate privileges via local access.,Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12208,https://securityvulnerability.io/vulnerability/CVE-2018-12208,,"Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11.8.60, 11.11.60, 11.22.60 or 12.0.20 and Intel(R) TXE version before 3.1.60 or 4.0.10, or Intel(R) Server Platform Services before version 5.00.04.012 may allow an unauthenticated user to potentially execute arbitrary code via physical access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",7.6,HIGH,0.003539999946951866,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12192,https://securityvulnerability.io/vulnerability/CVE-2018-12192,,"Logic bug in Kernel subsystem in Intel CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20, or Intel(R) Server Platform Services before version SPS_E5_04.00.04.393.0 may allow an unauthenticated user to potentially bypass MEBx authentication via physical access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6.8,MEDIUM,0.0012600000482052565,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-12185,https://securityvulnerability.io/vulnerability/CVE-2018-12185,,"Insufficient input validation in Intel(R) AMT in Intel(R) CSME before version 11.8.60, 11.11.60, 11.22.60 or 12.0.20 may allow an unauthenticated user to potentially execute arbitrary code via physical access.",Intel,"Intel(r) Csme, Server Platform Services, Trusted Execution Engine And Intel(r) Active Management Technology",6.8,MEDIUM,0.0009899999713525176,false,,false,false,false,,,false,false,,2019-03-14T20:29:00.000Z,0
CVE-2018-3643,https://securityvulnerability.io/vulnerability/CVE-2018-3643,,"A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code.",Intel,Intel(r) Converged Security And Management Engine (csme) And Intel(r) Server Platform Services Firmware,8.2,HIGH,0.0007699999841861427,false,,false,false,false,,,false,false,,2018-09-12T19:29:00.000Z,0
CVE-2018-3655,https://securityvulnerability.io/vulnerability/CVE-2018-3655,,"A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access.",Intel,"Intel(r) Csme Before Version 11.21.55, Intel(r) Server Platform Services Before Version 4.0 And Intel(r) Trusted Execution Engine Firmware",7.3,HIGH,0.0026599999982863665,false,,false,false,false,,,false,false,,2018-09-12T19:29:00.000Z,0
CVE-2017-5706,https://securityvulnerability.io/vulnerability/CVE-2017-5706,,Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary code.,Intel,Server Platform Services,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-11-21T14:29:00.000Z,0
CVE-2017-5709,https://securityvulnerability.io/vulnerability/CVE-2017-5709,,Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via unspecified vector.,Intel,Server Platform Services,7.8,HIGH,0.0006200000061653554,false,,false,false,false,,,false,false,,2017-11-21T14:29:00.000Z,0