3rd Gen AMD EPYC™ Processors Security Vulnerabilities
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...
6.5CVSS
7.2AI Score
0.001EPSS
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...
6.4AI Score
0.001EPSS
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...
7.1AI Score
0.001EPSS
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local...
6.4AI Score
0.0004EPSS
Race condition in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
7.2CVSS
7.6AI Score
0.0004EPSS
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
6.3AI Score
0.0004EPSS
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
6.5AI Score
0.0004EPSS
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
7AI Score
0.0004EPSS
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
6.5CVSS
6.5AI Score
0.0004EPSS
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
7.2AI Score
0.001EPSS
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
6.5AI Score
0.001EPSS
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
6.1CVSS
7.4AI Score
0.001EPSS
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
6.8AI Score
0.001EPSS
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
5.7AI Score
0.0004EPSS
Race condition in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
6.8AI Score
0.0004EPSS
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
6.4AI Score
0.001EPSS
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...
6.2AI Score
0.001EPSS
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local...
5.6AI Score
0.0004EPSS
On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
7.2AI Score
0.0004EPSS
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local...
5.6AI Score
0.0004EPSS
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest
Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2023-4807 DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a...
7.1AI Score
0.0004EPSS
CPU hardware utilizing speculative execution may be vulnerable to speculative race conditions
Overview A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution has been discovered. CPU hardware utilizing speculative execution that are vulnerable to Spectre v1 are likely affected. An unauthenticated attacker can exploit this...
5.5AI Score
0.0004EPSS
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and 12.5.1. The vulnerability could allow disclosure of restricted information in unauthenticated...
8.6CVSS
7.4AI Score
0.0004EPSS
HTML injection in OpenText™ Exceed Turbo X affecting version 12.5.1. The vulnerability could result in Cross site...
6.4CVSS
7.3AI Score
0.0004EPSS
Use of Hard-coded Cryptographic Key vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.1 and 12.5.2. The vulnerability could compromise the cryptographic...
4.7CVSS
7.4AI Score
0.0004EPSS
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and 12.5.1. The vulnerability could allow disclosure of restricted information in unauthenticated...
8.6CVSS
7.4AI Score
0.0004EPSS
HTML injection in OpenText™ Exceed Turbo X affecting version 12.5.1. The vulnerability could result in Cross site...
6.4CVSS
7.1AI Score
0.0004EPSS
Use of Hard-coded Cryptographic Key vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.1 and 12.5.2. The vulnerability could compromise the cryptographic...
4.7CVSS
7.4AI Score
0.0004EPSS
HTML injection in OpenText™ Exceed Turbo X affecting version 12.5.1. The vulnerability could result in Cross site...
6.9AI Score
0.0004EPSS
Use of Hard-coded Cryptographic Key vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.1 and 12.5.2. The vulnerability could compromise the cryptographic...
7AI Score
0.0004EPSS
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and 12.5.1. The vulnerability could allow disclosure of restricted information in unauthenticated...
7AI Score
0.0004EPSS
Summary Vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVEs. Vulnerability Details ** CVEID: CVE-2024-20952 DESCRIPTION: **An unspecified vulnerability in Java SE related to the Security component...
6.6AI Score
0.001EPSS
How to update outdated software on Mac endpoints: Introducing ThreatDown VPM for Mac
ThreatDown is happy to announce that our Vulnerability Assessment and Patch Management (VPM) tool is now available for Mac endpoints. There are hundreds of third-party apps that Mac endpoint use on a daily basis—and with that large number of apps comes a dizzying amount of software updates to...
7.2AI Score
Summary IBM® SDK, Java™ Technology Edition, is used by IBM Rational® Application Developer for WebSphere® Software as the runtime and development kit. (CVE-2023-33850) Vulnerability Details ** CVEID: CVE-2023-33850 DESCRIPTION: **IBM GSKit-Crypto could allow a remote attacker to obtain sensitive...
6.4AI Score
0.001EPSS
Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM Rational ClearCase
Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearCase. [CVE-2023-5363, CVE-2023-4807, CVE-2023-3446] Vulnerability Details ** CVEID: CVE-2023-5363 DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information,...
7.7AI Score
0.002EPSS
What’s in your notepad? Infected text editors target Chinese users
"Malvertising" is a popular way of attracting victims to malicious sites: an advertisement block is placed at the top of the search results, increasing the likelihood of users clicking the link. Sites at the top of search results also tend to be more trusted by users. A year ago, our experts...
7AI Score
An unauthenticated remote attacker can use an XSS attack due to improper neutralization of input during web page generation. User interaction is required. This leads to a limited impact of confidentiality and integrity but no impact of...
5.4CVSS
6.6AI Score
0.0005EPSS
An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the...
8.8CVSS
8AI Score
0.001EPSS
Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws
Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical,.....
9.8CVSS
8.2AI Score
0.001EPSS
Intel 2024.1 IPU - BIOS March 2024 Security Updates
Intel has informed HP of potential security vulnerabilities identified in some Intel® Processors and/or BIOS Firmware for some Intel® Processors which may allow escalation of privilege, denial of service, or information disclosure. Intel is releasing firmware updates to mitigate this potential...
7.8AI Score
0.001EPSS
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0857-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0857-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap...
7.8AI Score
FreeBSD : Intel CPUs -- multiple vulnerabilities (b6dd9d93-e09b-11ee-92fc-1c697a616631)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the b6dd9d93-e09b-11ee-92fc-1c697a616631 advisory. Intel reports: 2024.1 IPU - Intel Processor Bus Lock Advisory A potential security...
6.9AI Score
Amazon Linux 2023 : microcode_ctl (ALAS2023-2024-559)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-559 advisory. Non-transparent sharing of return predictor targets between contexts in some Intel Processors may allow an authorized user to potentially enable information disclosure via local access....
6.9AI Score
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:0858-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0858-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use...
7.8AI Score
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:0855-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0855-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free...
7.9AI Score
A memory corruption flaw was found in the Linux kernel Intel Wireless WiFi Next Gen AGN module. This issue could allow a local user to crash the system. Mitigation To mitigate this issue, prevent the iwlwifi module from being loaded. Please see https://access.redhat.com/solutions/41278 for how to.....
6.3AI Score
0.0004EPSS
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8 used by IBM Installation Manager and IBM Packaging Utility. The IBM Installation Manager and IBM Packaging Utility have addressed the applicable CVEs. Vulnerability Details ** IBM X-Force ID: PSIRT-ADV0103951 .....
6.5AI Score
x86: Register File Data Sampling
ISSUE DESCRIPTION Intel have disclosed RFDS, Register File Data Sampling, affecting some Atom cores. This came from internal validation work. There is no information provided about how an attacker might go about inferring data from the register files. For more details, see:...
6.6AI Score
0.0004EPSS
Issue Overview: Non-transparent sharing of return predictor targets between contexts in some Intel® Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2023-38575) Protection mechanism failure of bus lock regulator for some Intel® Processors.....
6.9AI Score
0.001EPSS
(RHSA-2024:1248) Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: inactive elements in nft_pipapo_walk (CVE-2023-6817) kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation (CVE-2024-0193) kernel: ktls...
7.6AI Score
0.002EPSS