Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2022-21123 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 | 6.28% | 2022-06-15 | 2026-06-17 |
| CVE-2022-21166 | Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 | 5.90% | 2022-06-15 | 2026-06-17 |
| CVE-2016-8027 | SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in disclosure of information within the database or impersonation of an agent without authentication via a specially crafted HTTP post. | 10.0 | 5.75% | 2017-03-14 | 2026-06-16 |
| CVE-2020-12352 | Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access. | 6.5 | 5.71% | 2020-11-23 | 2026-06-16 |
| CVE-2018-3620 | Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis. | 5.6 | 5.58% | 2018-08-14 | 2026-06-16 |
| CVE-2022-21127 | Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 | 5.51% | 2022-06-15 | 2026-06-17 |
| CVE-2016-8106 | A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions. | 5.9 | 5.13% | 2017-01-09 | 2026-06-16 |
| CVE-2022-29901 | Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions. | 5.6 | 4.95% | 2022-07-12 | 2026-06-17 |
| CVE-2016-8016 | Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter. | 3.4 | 4.56% | 2017-03-14 | 2026-06-16 |
| CVE-2017-5712 | Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege. | 7.2 | 4.41% | 2017-11-21 | 2026-06-16 |
| CVE-2017-5693 | Firmware in the Intel Puma 5, 6, and 7 Series might experience resource depletion or timeout, which allows a network attacker to create a denial of service via crafted network traffic. | 7.5 | 4.34% | 2018-07-31 | 2026-06-16 |
| CVE-2019-0136 | Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | 7.4 | 4.07% | 2019-06-13 | 2026-06-16 |
| CVE-2016-8019 | Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input. | 6.1 | 4.01% | 2017-03-14 | 2026-06-16 |
| CVE-2022-40982 | Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 6.5 | 3.91% | 2023-08-10 | 2026-06-17 |
| CVE-2020-0594 | Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 9.8 | 3.54% | 2020-06-15 | 2026-06-16 |
| CVE-2020-0595 | Use after free in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 9.8 | 3.44% | 2020-06-15 | 2026-06-16 |
| CVE-2017-4053 | Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter. | 9.8 | 3.39% | 2017-07-12 | 2026-06-16 |
| CVE-2018-3658 | Multiple memory leaks in Intel AMT in Intel CSME firmware versions before 12.0.5 may allow an unauthenticated user with Intel AMT provisioned to potentially cause a partial denial of service via network access. | 5.3 | 3.30% | 2018-09-12 | 2026-06-16 |
| CVE-2017-4011 | Embedding Script (XSS) in HTTP Headers vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of the HTTP request. | 6.1 | 3.27% | 2017-05-17 | 2026-06-16 |
| CVE-2016-8021 | Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file. | 5.0 | 3.26% | 2017-03-14 | 2026-06-16 |