Intel Oneapi Hpc Toolkit vulnerabilities

CVE-2024-28876 [MEDIUM] CWE-427 CVE-2024-28876: Uncontrolled search path for some Intel(R) MPI Library software before version 2021.12 may allow an Uncontrolled search path for some Intel(R) MPI Library software before version 2021.12 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2024-28172 [MEDIUM] CWE-427 CVE-2024-28172: Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022 Uncontrolled search path for some Intel(R) Trace Analyzer and Collector software before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-35121 [HIGH] CWE-284 CVE-2023-35121: Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some I Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler before version 2022.2.1 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-29162 [MEDIUM] CWE-276 CVE-2023-29162: Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) on Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2023-24592 [HIGH] CWE-22 CVE-2023-24592: Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may allow authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-27383 [MEDIUM] CWE-693 CVE-2023-27383: Protection mechanism failure in some Intel(R) oneAPI HPC Toolkit 2023.1 and Intel(R)MPI Library soft Protection mechanism failure in some Intel(R) oneAPI HPC Toolkit 2023.1 and Intel(R)MPI Library software before version 2021.9 may allow a privileged user to potentially enable escalation of privilege via adjacent access.

CVE-2023-28823 [MEDIUM] CWE-427 CVE-2023-28823: Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before ve Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-27391 [MEDIUM] CWE-284 CVE-2023-27391: Improper access control in some Intel(R) oneAPI Toolkit and component software installers before ver Improper access control in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.1.493 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE-2023-29242 [MEDIUM] CWE-284 CVE-2023-29242: Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may allow an auth Improper access control for Intel(R) oneAPI Toolkits before version 2021.1 Beta 10 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-23580 [MEDIUM] CWE-121 CVE-2023-23580: Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2 Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access.

CVE-2023-23569 [HIGH] CWE-121 CVE-2023-23569: Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2 Stack-based buffer overflow for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-22355 [MEDIUM] CWE-427 CVE-2023-22355: Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before ve Uncontrolled search path in some Intel(R) oneAPI Toolkit and component software installers before version 4.3.0.251 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-23910 [LOW] CWE-787 CVE-2023-23910: Out-of-bounds write for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 Out-of-bounds write for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially escalation of privilege via local access.

CVE-2023-23909 [LOW] CWE-125 CVE-2023-23909: Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 p Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2022-42878 [LOW] CWE-395 CVE-2022-42878: Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021 Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.