Security Vulnerabilities - CVEs Published In May 2022
Uncontrolled resource consumption in the Linux kernel drivers for Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-05-12
Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-05-12
An exploitable use-after-free vulnerability exists in WPS Spreadsheets ( ET ) as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.
CVSS Score
8.8
EPSS Score
0.007
Published
2022-05-12
Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
CVSS Score
6.8
EPSS Score
0.003
Published
2022-05-12
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.
CVSS Score
2.4
EPSS Score
0.0
Published
2022-05-12
Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-05-12
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-05-12
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-05-12
An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this vulnerability to cause denial of service and termination of malware scan. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
5.0
EPSS Score
0.002
Published
2022-05-12
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-05-12