Lucene search

K

1st Gen AMD EPYC™ Processors Security Vulnerabilities

fedora
fedora

[SECURITY] Fedora 39 Update: rust-snphost-0.1.2-4.fc39

Administrative utility for AMD...

7.4AI Score

2024-06-02 03:39 AM
2
fedora
fedora

[SECURITY] Fedora 39 Update: rust-sevctl-0.4.3-4.fc39

Administrative utility for AMD...

7.4AI Score

2024-06-02 03:39 AM
2
rapid7blog
rapid7blog

New! Insight Agent Support for ARM-based Windows in InsightVM

We are pleased to introduce Insight Agent support of ARM-based Windows 11 devices for both vulnerability and policy assessment within InsightVM. Customers with Windows 11 devices powered by ARM processors can now take advantage of the great performance and lower power requirements of these chips...

7.1AI Score

2024-05-31 06:34 PM
6
ibm
ibm

Security Bulletin: Maximo Asset Management: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2024 - Includes Oracle April 2024 CPU plus CVE-2023-38264

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions (including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities).....

5.9CVSS

6.1AI Score

0.0004EPSS

2024-05-31 02:39 PM
15
nessus
nessus

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1870-1)

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1870-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following...

7.8CVSS

8.9AI Score

EPSS

2024-05-31 12:00 AM
4
nessus
nessus

Apple TV < 17.5 Multiple Vulnerabilities (HT214102)

According to its banner, the version of Apple TV on the remote device is prior to 17.5. It is therefore affected by multiple vulnerabilities as described in the...

7.1AI Score

0.0005EPSS

2024-05-31 12:00 AM
2
debiancve
debiancve

CVE-2024-36949

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all devices, this call...

6.6AI Score

0.0004EPSS

2024-05-30 04:15 PM
4
nvd
nvd

CVE-2024-36949

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all devices, this call...

6.5AI Score

0.0004EPSS

2024-05-30 04:15 PM
1
cve
cve

CVE-2024-36949

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all devices, this call...

6.7AI Score

0.0004EPSS

2024-05-30 04:15 PM
25
cve
cve

CVE-2024-36914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does not support certain...

7AI Score

0.0004EPSS

2024-05-30 04:15 PM
25
debiancve
debiancve

CVE-2024-36914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does not support certain...

6.9AI Score

0.0004EPSS

2024-05-30 04:15 PM
4
nvd
nvd

CVE-2024-36914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does not support certain...

6.8AI Score

0.0004EPSS

2024-05-30 04:15 PM
1
nvd
nvd

CVE-2024-36897

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx-&gt;dc_bios-&gt;integrated_info while it was NULL. ...

5.5CVSS

6.4AI Score

0.0004EPSS

2024-05-30 04:15 PM
debiancve
debiancve

CVE-2024-36897

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx-&gt;dc_bios-&gt;integrated_info while it was NULL. ...

5.5CVSS

6.6AI Score

0.0004EPSS

2024-05-30 04:15 PM
2
cve
cve

CVE-2024-36897

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx-&gt;dc_bios-&gt;integrated_info while it was NULL. ...

5.5CVSS

6.7AI Score

0.0004EPSS

2024-05-30 04:15 PM
46
cvelist
cvelist

CVE-2024-36949 amd/amdkfd: sync all devices to wait all processes being evicted

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all devices, this call...

6.5AI Score

0.0004EPSS

2024-05-30 03:35 PM
1
vulnrichment
vulnrichment

CVE-2024-36949 amd/amdkfd: sync all devices to wait all processes being evicted

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all devices, this call...

6.9AI Score

0.0004EPSS

2024-05-30 03:35 PM
1
cvelist
cvelist

CVE-2024-36914 drm/amd/display: Skip on writeback when it's not applicable

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does not support certain...

6.7AI Score

0.0004EPSS

2024-05-30 03:29 PM
vulnrichment
vulnrichment

CVE-2024-36914 drm/amd/display: Skip on writeback when it's not applicable

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does not support certain...

7.1AI Score

0.0004EPSS

2024-05-30 03:29 PM
cvelist
cvelist

CVE-2024-36897 drm/amd/display: Atom Integrated System Info v2_2 for DCN35

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx-&gt;dc_bios-&gt;integrated_info while it was NULL. ...

6.4AI Score

0.0004EPSS

2024-05-30 03:29 PM
1
osv
osv

Malicious code in hello-1st-anni (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (7324e12f4247915474315b0c6446c86c97ef20bca17e3baa9b31478fc7e612d2) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2024-05-30 03:22 PM
debiancve
debiancve

CVE-2024-36026

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get into an invalid state resulting into hard hangs. Adding a GFX reset as workaround just before sending the MP1_UNLOAD...

6.7AI Score

0.0004EPSS

2024-05-30 03:15 PM
13
cve
cve

CVE-2024-36024

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2 and....

6.6AI Score

0.0004EPSS

2024-05-30 03:15 PM
25
debiancve
debiancve

CVE-2024-36024

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2...

6.7AI Score

0.0004EPSS

2024-05-30 03:15 PM
3
cve
cve

CVE-2024-36026

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get into an invalid state resulting into hard hangs. Adding a GFX reset as workaround just before sending the MP1_UNLOAD...

6.8AI Score

0.0004EPSS

2024-05-30 03:15 PM
27
nvd
nvd

CVE-2024-36024

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2 and....

6.4AI Score

0.0004EPSS

2024-05-30 03:15 PM
nvd
nvd

CVE-2024-36026

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get into an invalid state resulting into hard hangs. Adding a GFX reset as workaround just before sending the MP1_UNLOAD...

6.5AI Score

0.0004EPSS

2024-05-30 03:15 PM
1
cvelist
cvelist

CVE-2024-36026 drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get into an invalid state resulting into hard hangs. Adding a GFX reset as workaround just before sending the MP1_UNLOAD...

6.5AI Score

0.0004EPSS

2024-05-30 03:07 PM
cvelist
cvelist

CVE-2024-36024 drm/amd/display: Disable idle reallow as part of command/gpint execution

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2 and....

6.4AI Score

0.0004EPSS

2024-05-30 03:04 PM
ibm
ibm

Security Bulletin: CVE-2024-3933 affects IBM® SDK, Java™ Technology Edition

Summary CVE-2024-3933 affects IBM SDK, Java Technology Edition. An update has been released to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-3933 DESCRIPTION: **Eclipse Openj9 could allow a local authenticated attacker to bypass security restrictions, caused by the failure...

5.3CVSS

6.4AI Score

0.0004EPSS

2024-05-30 01:50 PM
11
ubuntucve
ubuntucve

CVE-2024-36914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does not support certain...

7.3AI Score

0.0004EPSS

2024-05-30 12:00 AM
3
openvas
openvas

Ubuntu: Security Advisory (USN-6797-1)

The remote host is missing an update for...

7.9CVSS

6.8AI Score

0.001EPSS

2024-05-30 12:00 AM
3
ubuntucve
ubuntucve

CVE-2024-36026

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get into an invalid state resulting into hard hangs. Adding a GFX reset as workaround just before sending the MP1_UNLOAD...

7.3AI Score

0.0004EPSS

2024-05-30 12:00 AM
2
ubuntucve
ubuntucve

CVE-2024-36897

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx-&gt;dc_bios-&gt;integrated_info while it was NULL. ...

5.5CVSS

7AI Score

0.0004EPSS

2024-05-30 12:00 AM
3
ubuntucve
ubuntucve

CVE-2024-36949

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all devices, this call...

7AI Score

0.0004EPSS

2024-05-30 12:00 AM
4
ubuntucve
ubuntucve

CVE-2024-36024

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2 and....

7.2AI Score

0.0004EPSS

2024-05-30 12:00 AM
1
osv
osv

intel-microcode vulnerabilities

It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to certain hardware features when using Intel® SGX or Intel® TDX. This may allow a privileged local user to potentially further escalate their privileges on the system. This issue only...

7.9CVSS

7.3AI Score

0.001EPSS

2024-05-29 07:13 AM
4
nessus
nessus

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : Intel Microcode vulnerabilities (USN-6797-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6797-1 advisory. It was discovered that some 3rd and 4th Generation Intel Xeon Processors did not properly...

7.9CVSS

7.3AI Score

0.001EPSS

2024-05-29 12:00 AM
4
nessus
nessus

EulerOS Virtualization 2.11.0 : kernel (EulerOS-SA-2024-1735)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...

8CVSS

7.2AI Score

EPSS

2024-05-29 12:00 AM
2
openvas
openvas

Ubuntu: Security Advisory (USN-6795-1)

The remote host is missing an update for...

7.8CVSS

7.3AI Score

EPSS

2024-05-29 12:00 AM
5
nessus
nessus

Ubuntu 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6795-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6795-1 advisory. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-...

7.8CVSS

7.6AI Score

EPSS

2024-05-29 12:00 AM
2
nessus
nessus

EulerOS Virtualization 2.11.1 : kernel (EulerOS-SA-2024-1734)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...

8CVSS

7.2AI Score

EPSS

2024-05-29 12:00 AM
3
ubuntu
ubuntu

Intel Microcode vulnerabilities

Releases Ubuntu 24.04 LTS Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Packages intel-microcode - Processor microcode for Intel CPUs Details It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to...

7.9CVSS

7.4AI Score

0.001EPSS

2024-05-29 12:00 AM
5
nvidia
nvidia

Security Bulletin: Triton Inference Server - May 2024

NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the Triton Inference Server Releases page on GitHub, and view the Secure Deployment Considerations Guide. Go to NVIDIA...

9CVSS

8AI Score

0.0004EPSS

2024-05-29 12:00 AM
9
malwarebytes
malwarebytes

pcTattletale spyware leaks database containing victim screenshots, gets website defaced

The idea behind the software is simple. When the spying party installs the stalkerware, they grant permission to record what happens on the targeted Android or Windows device. The observer can then log in on an online portal and activate recording, at which point a screen capture is taken on the...

7.2AI Score

2024-05-28 08:35 PM
10
ibm
ibm

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Monitoring.

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components. CVEs: CVE-2023-38264, CVE-2024-21011, CVE-2024-21085 and CVE-2024-21094 Vulnerability Details ** CVEID: CVE-2024-21094 DESCRIPTION: **An unspecified...

5.9CVSS

6.7AI Score

0.001EPSS

2024-05-28 07:41 PM
8
osv
osv

linux-intel-iotg vulnerabilities

Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-47233) It was....

7.8CVSS

7AI Score

EPSS

2024-05-28 07:06 PM
5
cve
cve

CVE-2024-4429

Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information...

5.4CVSS

6.3AI Score

0.0004EPSS

2024-05-28 03:15 PM
1
nvd
nvd

CVE-2024-4429

Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information...

5.4CVSS

5.2AI Score

0.0004EPSS

2024-05-28 03:15 PM
2
cve
cve

CVE-2024-3969

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML...

7.8CVSS

8.4AI Score

0.0004EPSS

2024-05-28 03:15 PM
4
Total number of security vulnerabilities25632