Search criteria
21 vulnerabilities found for distribution_for_python by intel
FKIE_CVE-2023-35121
Vulnerability from fkie_nvd - Published: 2024-02-14 14:16 - Updated: 2026-01-14 18:13
Severity ?
Summary
Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | advisor | * | |
| intel | cluster_checker | 2021.7.3 | |
| intel | distribution_for_python | 2023.1 | |
| intel | inspector | * | |
| intel | integrated_performance_primitives | 2021.9 | |
| intel | integrated_performance_primitives_cryptography | * | |
| intel | mpi_library | * | |
| intel | oneapi_ai_analytics_toolkit | 2023.2 | |
| intel | oneapi_base_toolkit | * | |
| intel | oneapi_base_toolkit | 2023.2 | |
| intel | oneapi_deep_neural_network | * | |
| intel | oneapi_deep_neural_network | 2023.2 | |
| intel | oneapi_hpc_toolkit | 2023.2 | |
| intel | oneapi_iot_toolkit | 2023.2 | |
| intel | oneapi_math_kernel_library | * | |
| intel | threading_building_blocks | * | |
| intel | trace_analyzer_and_collector | 2021.10.0 | |
| intel | vtune_profiler | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:advisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F19FC1B-ABBC-4AD1-A3EF-FEF6CA6DF90C",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:cluster_checker:2021.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "535F8418-033A-4EAC-9E9B-2BBA83CB885B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:2023.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7A8ABC-B220-46D2-A6CE-FDEE08388C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:inspector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8676B2-8B07-4489-AE24-5AFF7B318E73",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives:2021.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2EE063-5A38-40DD-A2C3-BF10664085AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA1F6A6-E2FC-4243-81E3-2E8CA4AA4CD2",
"versionEndExcluding": "2021.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B7FC0C-D3DA-40A2-8D69-2056656F84A0",
"versionEndExcluding": "2021.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_ai_analytics_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "16B6BCCB-F33F-49B6-B87B-CC93E30C82B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7E4E29-75C3-4B97-AB86-C82A3214D558",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11501F04-FAA8-44F9-BD4F-105458A6252B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6DA864-1A74-4706-832B-2D8453A55D06",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76639D6F-2583-455B-8A0E-7B412C18C485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E2D9438-CC9E-4070-97E6-6300064CF136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "776C3236-F480-446D-93ED-E1A8D9CBA108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF32E88-710F-4622-AC69-4E6A04B8F9D4",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:threading_building_blocks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD857AA-0809-464A-A0FF-13CF527A83AE",
"versionEndExcluding": "2021.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:2021.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68072344-62DC-40C5-9704-1ABCF20E1701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:-:*:*",
"matchCriteriaId": "ABB740DA-24E8-44DF-9E15-C12BD497AFE6",
"versionEndExcluding": "2023.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\n\n"
},
{
"lang": "es",
"value": "El control de acceso inadecuado en algunos software del compilador Intel(R) oneAPI DPC++/C++ anterior a la versi\u00f3n 2023.2.1 puede permitir que el usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"id": "CVE-2023-35121",
"lastModified": "2026-01-14T18:13:19.650",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "secure@intel.com",
"type": "Secondary"
}
]
},
"published": "2024-02-14T14:16:00.123",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-29162
Vulnerability from fkie_nvd - Published: 2024-02-14 14:15 - Updated: 2026-01-14 18:27
Severity ?
Summary
Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | advisor | * | |
| intel | cluster_checker | 2021.7.3 | |
| intel | distribution_for_python | 2023.1 | |
| intel | inspector | * | |
| intel | integrated_performance_primitives | 2021.9 | |
| intel | integrated_performance_primitives_cryptography | * | |
| intel | mpi_library | * | |
| intel | oneapi_ai_analytics_toolkit | 2023.2 | |
| intel | oneapi_base_toolkit | * | |
| intel | oneapi_base_toolkit | 2023.2 | |
| intel | oneapi_deep_neural_network | * | |
| intel | oneapi_deep_neural_network | 2023.2 | |
| intel | oneapi_hpc_toolkit | 2023.2 | |
| intel | oneapi_iot_toolkit | 2023.2 | |
| intel | oneapi_math_kernel_library | * | |
| intel | threading_building_blocks | * | |
| intel | trace_analyzer_and_collector | 2021.10.0 | |
| intel | vtune_profiler | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:advisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F19FC1B-ABBC-4AD1-A3EF-FEF6CA6DF90C",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:cluster_checker:2021.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "535F8418-033A-4EAC-9E9B-2BBA83CB885B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:2023.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7A8ABC-B220-46D2-A6CE-FDEE08388C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:inspector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8676B2-8B07-4489-AE24-5AFF7B318E73",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives:2021.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2EE063-5A38-40DD-A2C3-BF10664085AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA1F6A6-E2FC-4243-81E3-2E8CA4AA4CD2",
"versionEndExcluding": "2021.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6B7FC0C-D3DA-40A2-8D69-2056656F84A0",
"versionEndExcluding": "2021.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_ai_analytics_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "16B6BCCB-F33F-49B6-B87B-CC93E30C82B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7E4E29-75C3-4B97-AB86-C82A3214D558",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "11501F04-FAA8-44F9-BD4F-105458A6252B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6DA864-1A74-4706-832B-2D8453A55D06",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "76639D6F-2583-455B-8A0E-7B412C18C485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E2D9438-CC9E-4070-97E6-6300064CF136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:2023.2:*:*:*:*:*:*:*",
"matchCriteriaId": "776C3236-F480-446D-93ED-E1A8D9CBA108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFF32E88-710F-4622-AC69-4E6A04B8F9D4",
"versionEndExcluding": "2023.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:threading_building_blocks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FD857AA-0809-464A-A0FF-13CF527A83AE",
"versionEndExcluding": "2021.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:2021.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68072344-62DC-40C5-9704-1ABCF20E1701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:-:*:*",
"matchCriteriaId": "ABB740DA-24E8-44DF-9E15-C12BD497AFE6",
"versionEndExcluding": "2023.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\n\n"
},
{
"lang": "es",
"value": "Las restricciones inadecuadas del b\u00fafer en algunos compiladores Intel(R) C++ Classic anteriores a la versi\u00f3n 2021.8 pueden permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"id": "CVE-2023-29162",
"lastModified": "2026-01-14T18:27:26.690",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.5,
"source": "secure@intel.com",
"type": "Secondary"
}
]
},
"published": "2024-02-14T14:15:49.777",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-22355
Vulnerability from fkie_nvd - Published: 2023-05-10 14:15 - Updated: 2024-11-21 07:44
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:advisor:*:*:*:*:*:oneapi:*:*",
"matchCriteriaId": "ACFF62CB-DC95-4A03-8886-E3DE682ECF45",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:cpu_runtime:*:*:*:*:*:opencl:*:*",
"matchCriteriaId": "65B36180-4945-4A43-B2AD-B917C6FA052C",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF57C55-C87E-428C-9634-158AA00C4717",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA35C90-15A8-492A-82AA-EB90B5A64CC3",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B39BDDD-5AED-4E02-A856-330F54E7660A",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0160EA22-BD65-4674-97A0-D10CE4171895",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3CC2A97B-1E5D-4076-BC33-2137275B80EB",
"versionEndExcluding": "1.18.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:inspector:*:*:*:*:*:oneapi:*:*",
"matchCriteriaId": "FDDBD13A-D43F-4855-912A-D1AD78C42B63",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1200A0B0-FE28-424D-B225-5A9FBA381F59",
"versionEndExcluding": "2021.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:integrated_performance_primitives_cryptography:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92634595-EBED-490B-8C5D-E0628B5671C1",
"versionEndExcluding": "2021.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73AD7DE0-4634-4760-863D-705CEFF0D531",
"versionEndExcluding": "2021.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77F68C74-6AEB-4586-A9A1-2AA4CABC992D",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDFCC4E-E137-40BA-B6A3-9650D8FB9DA9",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12E76EDE-CA0D-4861-80EE-A7A860F2F6AE",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91F934F2-5D53-449D-8033-31C01BF99A1E",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF697BE5-6DDE-40AD-853F-CA1C05638E1C",
"versionEndExcluding": "2022.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6728C973-7E1D-46EB-BE07-E572A09B5D96",
"versionEndExcluding": "2023.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:2023.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0726E01-A9D7-4D32-92C5-4D7673A7DDC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04049E09-EA46-4270-844A-722AD33E9305",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42A7BFFF-DEB1-42F4-984F-3462DEF40A41",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9962AA12-66F5-4545-88FE-2EF3A671E904",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85C9E5C6-95FA-4C62-B18A-13FAE13E3AD5",
"versionEndExcluding": "2021.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "850130A2-4C4D-4E0A-A5B6-62619B673290",
"versionEndExcluding": "4.3.0.251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06201FF4-6ED4-4E41-A356-738A4E5F8AEC",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B",
"versionEndExcluding": "1.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7C18F6-10F1-49DC-93BC-C5A0A170F404",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA13265-18CF-46A0-89FE-2249E9DAF597",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BABB997-985A-4BAC-93CA-FB7CD0CE545F",
"versionEndExcluding": "2023.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA7E18CB-DCAF-4EA3-95BE-4FF68783E2C8",
"versionEndExcluding": "2021.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:vtune_profiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B852D3CA-B710-4686-9414-5D0FDEF0C4B3",
"versionEndExcluding": "2023.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"id": "CVE-2023-22355",
"lastModified": "2024-11-21T07:44:37.140",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-10T14:15:27.240",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-26032
Vulnerability from fkie_nvd - Published: 2023-02-16 20:15 - Updated: 2024-11-21 06:53
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | distribution_for_python | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB58C36F-5865-4CD8-BAEF-E3D54607B59C",
"versionEndExcluding": "2022.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"id": "CVE-2022-26032",
"lastModified": "2024-11-21T06:53:20.303",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-16T20:15:12.660",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-28696
Vulnerability from fkie_nvd - Published: 2022-08-18 20:15 - Updated: 2025-05-05 17:18
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | distribution_for_python | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D814D255-3995-476A-835D-14D089316A72",
"versionEndExcluding": "2022.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "Una ruta de b\u00fasqueda no controlada en Intel(R) Distribution for Python versiones anteriores a 2022.0.3, puede permitir que un usuario autenticado permita potencialmente una escalada de privilegios por medio de acceso local."
}
],
"id": "CVE-2022-28696",
"lastModified": "2025-05-05T17:18:07.343",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-08-18T20:15:11.170",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00684.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00684.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2018-12175
Vulnerability from fkie_nvd - Published: 2018-09-12 19:29 - Updated: 2024-11-21 03:44
Severity ?
Summary
Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | distribution_for_python | 2018 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:2018:*:*:*:*:*:*:*",
"matchCriteriaId": "88508192-ADBA-4C9B-BEC5-12F1ABC471CD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access."
},
{
"lang": "es",
"value": "Los permisos de instalaci\u00f3n de directorio por defecto en Intel Distribution for Python (IDP) en su versi\u00f3n 2018 podr\u00edan permitir que un usuario sin privilegios los escale mediante acceso local."
}
],
"id": "CVE-2018-12175",
"lastModified": "2024-11-21T03:44:42.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-12T19:29:02.107",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00181.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00181.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-3650
Vulnerability from fkie_nvd - Published: 2018-08-01 15:29 - Updated: 2024-11-21 04:05
Severity ?
Summary
Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | distribution_for_python | * | |
| intel | distribution_for_python | 2018 | |
| intel | distribution_for_python | 2018 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "88FE6956-8938-46E8-A309-350F9C89C9D4",
"versionEndExcluding": "2018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:2018:update_1:*:*:*:*:*:*",
"matchCriteriaId": "9AA04071-33A8-4F30-926B-4389552B7313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:distribution_for_python:2018:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D76903A2-DCE4-4A44-BAC2-0C79D9FB5E61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector."
},
{
"lang": "es",
"value": "Validaci\u00f3n de entradas insuficiente en el m\u00f3dulo Bleach en INTEL Distribution for Python en versiones anteriores a IDP 2018 Update 2 permite que usuarios sin privilegios omitan el saneamiento de URI mediante vectores locales."
}
],
"id": "CVE-2018-3650",
"lastModified": "2024-11-21T04:05:50.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-01T15:29:00.377",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-35121 (GCVE-0-2023-35121)
Vulnerability from nvd – Published: 2024-02-14 13:38 – Updated: 2024-08-02 16:23
VLAI?
Summary
Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- escalation of privilege
- Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI DPC++/C++ Compiler software |
Affected:
before version 2023.2.1
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:advisor:*:*:*:*:*:oneapi:*:*"
],
"defaultStatus": "unknown",
"product": "advisor",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:inspector:*:*:*:*:*:oneapi:*:*"
],
"defaultStatus": "unknown",
"product": "inspector",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_ai_analytics_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_ai_analytics_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_base_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_deep_neural_network:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_deep_neural_network",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_hpc_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_iot_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T19:15:26.510057Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T18:11:26.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI DPC++/C++ Compiler software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2023.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\u003c/p\u003e"
}
],
"value": "Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"description": "Improper access control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T15:02:44.885Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-35121",
"datePublished": "2024-02-14T13:38:13.220Z",
"dateReserved": "2023-08-04T03:00:04.724Z",
"dateUpdated": "2024-08-02T16:23:59.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29162 (GCVE-0-2023-29162)
Vulnerability from nvd – Published: 2024-02-14 13:38 – Updated: 2025-03-20 14:34
VLAI?
Summary
Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6 (Medium)
CWE
- escalation of privilege
- Improper buffer restrictions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) C++ Compiler Classic |
Affected:
before version 2021.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:oneapi_toolkits:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_toolkits",
"vendor": "intel",
"versions": [
{
"lessThan": "2022.3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:cplusplus_compiler_classic:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cplusplus_compiler_classic",
"vendor": "intel",
"versions": [
{
"lessThan": "2021.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29162",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T18:23:46.476234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T14:34:20.632Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) C++ Compiler Classic",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2021.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\u003c/p\u003e"
}
],
"value": "Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"description": "Improper buffer restrictions",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T15:28:54.293Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-29162",
"datePublished": "2024-02-14T13:38:13.744Z",
"dateReserved": "2023-04-13T03:00:03.833Z",
"dateUpdated": "2025-03-20T14:34:20.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22355 (GCVE-0-2023-22355)
Vulnerability from nvd – Published: 2023-05-10 13:17 – Updated: 2025-01-24 17:36
VLAI?
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI Toolkit and component software installers |
Affected:
before version 4.3.0.251
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T17:36:23.211884Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T17:36:46.630Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI Toolkit and component software installers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 4.3.0.251"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-427",
"description": "Uncontrolled search path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:14.480Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22355",
"datePublished": "2023-05-10T13:17:14.480Z",
"dateReserved": "2023-01-07T04:00:03.309Z",
"dateUpdated": "2025-01-24T17:36:46.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26032 (GCVE-0-2022-26032)
Vulnerability from nvd – Published: 2023-02-16 19:59 – Updated: 2025-01-27 18:24
VLAI?
Summary
Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Distribution for Python programming language for Intel(R) oneAPI Toolkits |
Affected:
before version 2022.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26032",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:30:30.451600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:24:09.235Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Distribution for Python programming language for Intel(R) oneAPI Toolkits",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2022.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-16T19:59:49.508Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26032",
"datePublished": "2023-02-16T19:59:49.508Z",
"dateReserved": "2022-03-09T23:14:09.675Z",
"dateUpdated": "2025-01-27T18:24:09.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28696 (GCVE-0-2022-28696)
Vulnerability from nvd – Published: 2022-08-18 19:57 – Updated: 2025-05-05 16:21
VLAI?
Summary
Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- escalation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Distribution for Python |
Affected:
before version 2022.0.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:52.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00684.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-28696",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:29:44.218736Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:21:40.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Distribution for Python",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2022.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-18T19:57:53.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00684.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-28696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Distribution for Python",
"version": {
"version_data": [
{
"version_value": "before version 2022.0.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00684.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00684.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-28696",
"datePublished": "2022-08-18T19:57:53.000Z",
"dateReserved": "2022-04-05T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:21:40.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-12175 (GCVE-0-2018-12175)
Vulnerability from nvd – Published: 2018-09-12 19:00 – Updated: 2024-09-17 03:08
VLAI?
Summary
Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access.
Severity ?
No CVSS data available.
CWE
- Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) Distribution for Python 2018 |
Affected:
Intel(R) Distribution for Python 2018 downloaded before Aug 6, 2018.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:30:59.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00181.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Distribution for Python 2018",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "Intel(R) Distribution for Python 2018 downloaded before Aug 6, 2018."
}
]
}
],
"datePublic": "2018-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-12T18:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00181.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-09-11T00:00:00",
"ID": "CVE-2018-12175",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Distribution for Python 2018",
"version": {
"version_data": [
{
"version_value": "Intel(R) Distribution for Python 2018 downloaded before Aug 6, 2018."
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00181.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00181.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2018-12175",
"datePublished": "2018-09-12T19:00:00Z",
"dateReserved": "2018-06-11T00:00:00",
"dateUpdated": "2024-09-17T03:08:11.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-3650 (GCVE-0-2018-3650)
Vulnerability from nvd – Published: 2018-08-01 15:00 – Updated: 2024-09-17 02:37
VLAI?
Summary
Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel Distribution for Python |
Affected:
Before 2018 Update 2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:50:30.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel Distribution for Python",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "Before 2018 Update 2"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-01T14:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-07-10T00:00:00",
"ID": "CVE-2018-3650",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel Distribution for Python",
"version": {
"version_data": [
{
"version_value": "Before 2018 Update 2"
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2018-3650",
"datePublished": "2018-08-01T15:00:00Z",
"dateReserved": "2017-12-28T00:00:00",
"dateUpdated": "2024-09-17T02:37:12.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29162 (GCVE-0-2023-29162)
Vulnerability from cvelistv5 – Published: 2024-02-14 13:38 – Updated: 2025-03-20 14:34
VLAI?
Summary
Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
6 (Medium)
CWE
- escalation of privilege
- Improper buffer restrictions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) C++ Compiler Classic |
Affected:
before version 2021.8
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:oneapi_toolkits:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_toolkits",
"vendor": "intel",
"versions": [
{
"lessThan": "2022.3.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:cplusplus_compiler_classic:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cplusplus_compiler_classic",
"vendor": "intel",
"versions": [
{
"lessThan": "2021.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29162",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-16T18:23:46.476234Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T14:34:20.632Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) C++ Compiler Classic",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2021.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\u003c/p\u003e"
}
],
"value": "Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"description": "Improper buffer restrictions",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T15:28:54.293Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-29162",
"datePublished": "2024-02-14T13:38:13.744Z",
"dateReserved": "2023-04-13T03:00:03.833Z",
"dateUpdated": "2025-03-20T14:34:20.632Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-35121 (GCVE-0-2023-35121)
Vulnerability from cvelistv5 – Published: 2024-02-14 13:38 – Updated: 2024-08-02 16:23
VLAI?
Summary
Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- escalation of privilege
- Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI DPC++/C++ Compiler software |
Affected:
before version 2023.2.1
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:advisor:*:*:*:*:*:oneapi:*:*"
],
"defaultStatus": "unknown",
"product": "advisor",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:inspector:*:*:*:*:*:oneapi:*:*"
],
"defaultStatus": "unknown",
"product": "inspector",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_ai_analytics_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_ai_analytics_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_base_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_deep_neural_network:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_deep_neural_network",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_hpc_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oneapi_iot_toolkit",
"vendor": "intel",
"versions": [
{
"lessThan": "2023.2.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-35121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-28T19:15:26.510057Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T18:11:26.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:23:59.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI DPC++/C++ Compiler software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2023.2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\u003c/p\u003e"
}
],
"value": "Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"description": "Improper access control",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-28T15:02:44.885Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-35121",
"datePublished": "2024-02-14T13:38:13.220Z",
"dateReserved": "2023-08-04T03:00:04.724Z",
"dateUpdated": "2024-08-02T16:23:59.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22355 (GCVE-0-2023-22355)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:17 – Updated: 2025-01-24 17:36
VLAI?
Summary
Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
- CWE-427 - Uncontrolled search path
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) oneAPI Toolkit and component software installers |
Affected:
before version 4.3.0.251
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:07:06.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-24T17:36:23.211884Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T17:36:46.630Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) oneAPI Toolkit and component software installers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 4.3.0.251"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-427",
"description": "Uncontrolled search path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:17:14.480Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00819.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-22355",
"datePublished": "2023-05-10T13:17:14.480Z",
"dateReserved": "2023-01-07T04:00:03.309Z",
"dateUpdated": "2025-01-24T17:36:46.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26032 (GCVE-0-2022-26032)
Vulnerability from cvelistv5 – Published: 2023-02-16 19:59 – Updated: 2025-01-27 18:24
VLAI?
Summary
Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
6.7 (Medium)
CWE
- escalation of privilege
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Distribution for Python programming language for Intel(R) oneAPI Toolkits |
Affected:
before version 2022.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-26032",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:30:30.451600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:24:09.235Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Distribution for Python programming language for Intel(R) oneAPI Toolkits",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2022.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path element in the Intel(R) Distribution for Python programming language before version 2022.1 for Intel(R) oneAPI Toolkits may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-16T19:59:49.508Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-26032",
"datePublished": "2023-02-16T19:59:49.508Z",
"dateReserved": "2022-03-09T23:14:09.675Z",
"dateUpdated": "2025-01-27T18:24:09.235Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28696 (GCVE-0-2022-28696)
Vulnerability from cvelistv5 – Published: 2022-08-18 19:57 – Updated: 2025-05-05 16:21
VLAI?
Summary
Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- escalation of privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Distribution for Python |
Affected:
before version 2022.0.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:52.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00684.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-28696",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:29:44.218736Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:21:40.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Distribution for Python",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2022.0.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-18T19:57:53.000Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00684.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-28696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Distribution for Python",
"version": {
"version_data": [
{
"version_value": "before version 2022.0.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Uncontrolled search path in the Intel(R) Distribution for Python before version 2022.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00684.html",
"refsource": "MISC",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00684.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-28696",
"datePublished": "2022-08-18T19:57:53.000Z",
"dateReserved": "2022-04-05T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:21:40.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-12175 (GCVE-0-2018-12175)
Vulnerability from cvelistv5 – Published: 2018-09-12 19:00 – Updated: 2024-09-17 03:08
VLAI?
Summary
Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access.
Severity ?
No CVSS data available.
CWE
- Escalation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) Distribution for Python 2018 |
Affected:
Intel(R) Distribution for Python 2018 downloaded before Aug 6, 2018.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:30:59.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00181.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Distribution for Python 2018",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "Intel(R) Distribution for Python 2018 downloaded before Aug 6, 2018."
}
]
}
],
"datePublic": "2018-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-12T18:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00181.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-09-11T00:00:00",
"ID": "CVE-2018-12175",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Distribution for Python 2018",
"version": {
"version_data": [
{
"version_value": "Intel(R) Distribution for Python 2018 downloaded before Aug 6, 2018."
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00181.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00181.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2018-12175",
"datePublished": "2018-09-12T19:00:00Z",
"dateReserved": "2018-06-11T00:00:00",
"dateUpdated": "2024-09-17T03:08:11.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-3650 (GCVE-0-2018-3650)
Vulnerability from cvelistv5 – Published: 2018-08-01 15:00 – Updated: 2024-09-17 02:37
VLAI?
Summary
Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel Distribution for Python |
Affected:
Before 2018 Update 2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:50:30.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel Distribution for Python",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "Before 2018 Update 2"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-01T14:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2018-07-10T00:00:00",
"ID": "CVE-2018-3650",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel Distribution for Python",
"version": {
"version_data": [
{
"version_value": "Before 2018 Update 2"
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient Input Validation in Bleach module in INTEL Distribution for Python versions prior to IDP 2018 Update 2 allows unprivileged user to bypass URI sanitization via local vector."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00129.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2018-3650",
"datePublished": "2018-08-01T15:00:00Z",
"dateReserved": "2017-12-28T00:00:00",
"dateUpdated": "2024-09-17T02:37:12.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}