Aggregates CVE and security vulnerability intelligence across all Intel-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk input validation and vendor risk buffer overflow and related problems; some flaws may lead to vendor impact memory corruption, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-14599 | Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard Installer (SFX) on Windows, Altera Quartus Prime Lite Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1. | 04c0172e-9735-4a9d-a92a-fe01fa863447 | 5.4 | 0.09% | 2026-01-06 | 2026-06-17 |
| CVE-2025-14596 | Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1. | 04c0172e-9735-4a9d-a92a-fe01fa863447 | 5.4 | 0.09% | 2026-01-06 | 2026-06-17 |
| CVE-2025-13670 | The High Level Synthesis Compiler i++ command for Windows is vulnerable to a DLL planting vulnerability | 04c0172e-9735-4a9d-a92a-fe01fa863447 | 5.4 | 0.10% | 2025-12-11 | 2026-06-17 |
| CVE-2025-13669 | Uncontrolled Search Path Element vulnerability in Altera High Level Synthesis Compiler on Windows allows Search Order Hijacking.This issue affects High Level Synthesis Compiler: from 19.1 through 24.3. | 04c0172e-9735-4a9d-a92a-fe01fa863447 | 5.4 | 0.10% | 2025-12-11 | 2026-06-17 |
| CVE-2025-13665 | The System Console Utility for Windows is vulnerable to a DLL planting vulnerability | 04c0172e-9735-4a9d-a92a-fe01fa863447 | 5.4 | 0.09% | 2025-12-11 | 2026-06-17 |
| CVE-2025-13668 | A potential security vulnerability in Quartus® Prime Pro Edition Design Software may allow escalation of privilege. | 04c0172e-9735-4a9d-a92a-fe01fa863447 | 5.4 | 0.09% | 2025-12-11 | 2026-06-17 |
| CVE-2025-13664 | A potential security vulnerability in Quartus® Prime Standard Edition Design Software may allow escalation of privilege. | 04c0172e-9735-4a9d-a92a-fe01fa863447 | 5.4 | 0.09% | 2025-12-11 | 2026-06-17 |
| CVE-2025-13663 | Under certain circumstances, the Quartus Prime Pro Installer for Windows does not check the permissions of the Quartus target installation directory if the target installation directory already exists. | 04c0172e-9735-4a9d-a92a-fe01fa863447 | 5.4 | 0.08% | 2025-12-11 | 2026-06-17 |
| CVE-2025-33000 | Improper input validation for some Intel QuickAssist Technology before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality ( | [email protected] | 7.3 | 0.11% | 2025-11-11 | 2026-06-17 |
| CVE-2025-32732 | Buffer overflow for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (low) | [email protected] | 5.8 | 0.10% | 2025-11-11 | 2026-06-17 |
| CVE-2025-32446 | Untrusted pointer dereference for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confid | [email protected] | 6.8 | 0.10% | 2025-11-11 | 2026-06-17 |
| CVE-2025-32088 | Improper conditions check for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), | [email protected] | 4.8 | 0.10% | 2025-11-11 | 2026-06-17 |
| CVE-2025-31937 | Out-of-bounds read for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a high complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integr | [email protected] | 5.7 | 0.09% | 2025-11-11 | 2026-06-17 |
| CVE-2025-30509 | Improper input validation for some Intel QuickAssist Technology software before version 2.6.0 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a low complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidenti | [email protected] | 4.8 | 0.10% | 2025-11-11 | 2026-06-17 |
| CVE-2025-27713 | Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality | [email protected] | 7.3 | 0.10% | 2025-11-11 | 2026-06-17 |
| CVE-2025-27710 | Untrusted pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an information disclosure. System software adversary with an authenticated user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (h | [email protected] | 6.8 | 0.12% | 2025-11-11 | 2026-06-17 |
| CVE-2025-26694 | Null pointer dereference for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow a denial of service. System software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), i | [email protected] | 6.8 | 0.11% | 2025-11-11 | 2026-06-17 |
| CVE-2025-24863 | Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data exposure. This result may potentially occur via network access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confident | [email protected] | 6.0 | 0.26% | 2025-11-11 | 2026-06-17 |
| CVE-2025-24862 | Unrestricted upload of file with dangerous type for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via network access when attack requirements are present with special internal knowledge and requires passive user interaction. The potential vulnerability ma | [email protected] | 2.0 | 0.17% | 2025-11-11 | 2026-06-17 |
| CVE-2025-24848 | Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires passive user interaction. The potential vulnerability may impact the | [email protected] | 5.4 | 0.10% | 2025-11-11 | 2026-06-17 |