Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local...
5.7AI Score
0.0004EPSS
On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
7.2CVSS
7.6AI Score
0.0004EPSS
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local...
5.5CVSS
6.5AI Score
0.0004EPSS
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local...
5.6AI Score
0.0004EPSS
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...
6.5AI Score
0.001EPSS
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local...
5.3CVSS
6.4AI Score
0.0004EPSS
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local...
5.6AI Score
0.0004EPSS
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local...
5.1AI Score
0.0004EPSS
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...
6.5CVSS
7.2AI Score
0.001EPSS
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local...
6.4AI Score
0.0004EPSS
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...
7.1AI Score
0.001EPSS
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local...
6.4AI Score
0.0004EPSS
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...
6.4AI Score
0.001EPSS
Race condition in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
7.2CVSS
7.6AI Score
0.0004EPSS
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
6.3AI Score
0.0004EPSS
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
6.5AI Score
0.0004EPSS
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
7AI Score
0.0004EPSS
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
6.5CVSS
6.5AI Score
0.0004EPSS
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
7.2AI Score
0.001EPSS
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
6.5AI Score
0.001EPSS
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
6.1CVSS
7.4AI Score
0.001EPSS
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
6.8AI Score
0.001EPSS
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local...
5.7AI Score
0.0004EPSS
Race condition in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local...
6.8AI Score
0.0004EPSS
Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
6.4AI Score
0.001EPSS
Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...
6.2AI Score
0.001EPSS
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local...
5.6AI Score
0.0004EPSS
On-chip debug and test interface with improper access control in some 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local...
7.2AI Score
0.0004EPSS
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local...
5.6AI Score
0.0004EPSS
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearQuest
Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details ** CVEID: CVE-2023-4807 DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a...
7.1AI Score
0.0004EPSS
CPU hardware utilizing speculative execution may be vulnerable to speculative race conditions
Overview A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution has been discovered. CPU hardware utilizing speculative execution that are vulnerable to Spectre v1 are likely affected. An unauthenticated attacker can exploit this...
5.5AI Score
0.0004EPSS
HTML injection in OpenText™ Exceed Turbo X affecting version 12.5.1. The vulnerability could result in Cross site...
6.4CVSS
7.3AI Score
0.0004EPSS
Use of Hard-coded Cryptographic Key vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.1 and 12.5.2. The vulnerability could compromise the cryptographic...
4.7CVSS
7.4AI Score
0.0004EPSS
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and 12.5.1. The vulnerability could allow disclosure of restricted information in unauthenticated...
8.6CVSS
7.4AI Score
0.0004EPSS
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and 12.5.1. The vulnerability could allow disclosure of restricted information in unauthenticated...
8.6CVSS
7.4AI Score
0.0004EPSS
HTML injection in OpenText™ Exceed Turbo X affecting version 12.5.1. The vulnerability could result in Cross site...
6.4CVSS
7.1AI Score
0.0004EPSS
Use of Hard-coded Cryptographic Key vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.1 and 12.5.2. The vulnerability could compromise the cryptographic...
4.7CVSS
7.4AI Score
0.0004EPSS
HTML injection in OpenText™ Exceed Turbo X affecting version 12.5.1. The vulnerability could result in Cross site...
6.9AI Score
0.0004EPSS
Use of Hard-coded Cryptographic Key vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.1 and 12.5.2. The vulnerability could compromise the cryptographic...
7AI Score
0.0004EPSS
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and 12.5.1. The vulnerability could allow disclosure of restricted information in unauthenticated...
7AI Score
0.0004EPSS
Summary Vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVEs. Vulnerability Details ** CVEID: CVE-2024-20952 DESCRIPTION: **An unspecified vulnerability in Java SE related to the Security component...
6.6AI Score
0.001EPSS
How to update outdated software on Mac endpoints: Introducing ThreatDown VPM for Mac
ThreatDown is happy to announce that our Vulnerability Assessment and Patch Management (VPM) tool is now available for Mac endpoints. There are hundreds of third-party apps that Mac endpoint use on a daily basis—and with that large number of apps comes a dizzying amount of software updates to...
7.2AI Score
Summary IBM® SDK, Java™ Technology Edition, is used by IBM Rational® Application Developer for WebSphere® Software as the runtime and development kit. (CVE-2023-33850) Vulnerability Details ** CVEID: CVE-2023-33850 DESCRIPTION: **IBM GSKit-Crypto could allow a remote attacker to obtain sensitive...
6.4AI Score
0.001EPSS
Security Bulletin: Multiple vulnerabilities in OpenSSL affects IBM Rational ClearCase
Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project. OpenSSL is used by IBM Rational ClearCase. [CVE-2023-5363, CVE-2023-4807, CVE-2023-3446] Vulnerability Details ** CVEID: CVE-2023-5363 DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information,...
7.7AI Score
0.002EPSS
What’s in your notepad? Infected text editors target Chinese users
"Malvertising" is a popular way of attracting victims to malicious sites: an advertisement block is placed at the top of the search results, increasing the likelihood of users clicking the link. Sites at the top of search results also tend to be more trusted by users. A year ago, our experts...
7AI Score
An unauthenticated remote attacker can use an XSS attack due to improper neutralization of input during web page generation. User interaction is required. This leads to a limited impact of confidentiality and integrity but no impact of...
5.4CVSS
6.6AI Score
0.0005EPSS
An unautheticated remote attacker could send specifically crafted packets to a affected device. If an authenticated user then views that data in a specific page of the web-based management a buffer overflow will be triggered to gain full access of the...
8.8CVSS
8AI Score
0.001EPSS
Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws
Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical,.....
9.8CVSS
8.2AI Score
0.001EPSS
Intel 2024.1 IPU - BIOS March 2024 Security Updates
Intel has informed HP of potential security vulnerabilities identified in some Intel® Processors and/or BIOS Firmware for some Intel® Processors which may allow escalation of privilege, denial of service, or information disclosure. Intel is releasing firmware updates to mitigate this potential...
7.8AI Score
0.001EPSS
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0857-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0857-1 advisory. In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap...
7.8AI Score