4th Gen AMD EPYC™ Processors Security Vulnerabilities

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, flannel, bank-vaults, etcd, kyverno, tflint, kubernetes-csi-driver-hostpath, nuclei, caddy, keda, cluster-autoscaler, nfs-subdir-external-provisioner, nerdctl, rabbitmq-cluster-operator, zarf,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: helm, flannel, harbor, neuvector-scanner, flyte, aws-efs-csi-driver, kargo, go-md2man, node-problem-detector, kubewatch, cass-operator, harbor-registry, nri-redis, chartmuseum, nri-memcached, spqr, hubble-ui, ferretdb, prometheus-mongodb-exporter, oras, rekor,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, render-template, dgraph, gitlab-logger, cilium-envoy, prometheus-stackdriver-exporter, amass, smarter-device-manager, kind, gops, nats, cni-plugins, vertical-pod-autoscaler, go-licenses, metrics-server, go-md2man, ip-masq-agent,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, flannel, bank-vaults, etcd, kyverno, tflint, kubernetes-csi-driver-hostpath, nuclei, caddy, keda, cluster-autoscaler, nfs-subdir-external-provisioner, nerdctl, rabbitmq-cluster-operator, zarf,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: helm, flannel, harbor, neuvector-scanner, flyte, aws-efs-csi-driver, kargo, go-md2man, node-problem-detector, kubewatch, cass-operator, harbor-registry, nri-redis, chartmuseum, nri-memcached, spqr, hubble-ui, ferretdb, prometheus-mongodb-exporter, oras, rekor,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, render-template, dgraph, gitlab-logger, cilium-envoy, prometheus-stackdriver-exporter, amass, smarter-device-manager, kind, gops, nats, cni-plugins, vertical-pod-autoscaler, go-licenses, metrics-server, go-md2man, ip-masq-agent,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, render-template, dgraph, gitlab-logger, cilium-envoy, prometheus-stackdriver-exporter, amass, smarter-device-manager, kind, gops, nats, cni-plugins, vertical-pod-autoscaler, go-licenses, metrics-server, go-md2man, ip-masq-agent,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: docker-credential-ecr-login, render-template, dgraph, gitlab-logger, cilium-envoy, prometheus-stackdriver-exporter, amass, smarter-device-manager, kind, gops, nats, cni-plugins, vertical-pod-autoscaler, go-licenses, metrics-server, go-md2man, ip-masq-agent,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: dive, helm, gomplate, pulumi-language-yaml, cloud-sql-proxy, esbuild, etcd, tflint, stakater-reloader, kind, nuclei, caddy, keda, kubebuilder, nfs-subdir-external-provisioner, nerdctl, pombump, rabbitmq-cluster-operator, fuse-overlayfs-snapshotter,...

New! Insight Agent Support for ARM-based Windows in InsightVM

We are pleased to introduce Insight Agent support of ARM-based Windows 11 devices for both vulnerability and policy assessment within InsightVM. Customers with Windows 11 devices powered by ARM processors can now take advantage of the great performance and lower power requirements of these chips...

Security Bulletin: Maximo Asset Management: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2024 - Includes Oracle April 2024 CPU plus CVE-2023-38264

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that are used by Maximo Asset Management, Maximo Industry Solutions (including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas and Maximo for Utilities).....

CVE-2024-36026

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get into an invalid state resulting into hard hangs. Adding a GFX reset as workaround just before sending the MP1_UNLOAD...

CVE-2024-36024

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2 and....

CVE-2024-36897

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx->dc_bios->integrated_info while it was NULL. ...

CVE-2024-36026

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get into an invalid state resulting into hard hangs. Adding a GFX reset as workaround just before sending the MP1_UNLOAD...

CVE-2024-36024

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2...

CVE-2024-36949

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all devices, this call...

CVE-2024-36949

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all devices, this call...

CVE-2024-36914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does not support certain...

CVE-2024-36914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does not support certain...

CVE-2024-36949 amd/amdkfd: sync all devices to wait all processes being evicted

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all devices, this call...

CVE-2024-36914 drm/amd/display: Skip on writeback when it's not applicable

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does not support certain...

CVE-2024-36897 drm/amd/display: Atom Integrated System Info v2_2 for DCN35

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx->dc_bios->integrated_info while it was NULL. ...

CVE-2024-36026 drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get into an invalid state resulting into hard hangs. Adding a GFX reset as workaround just before sending the MP1_UNLOAD...

CVE-2024-36024 drm/amd/display: Disable idle reallow as part of command/gpint execution

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable idle reallow as part of command/gpint execution [Why] Workaroud for a race condition where DMCUB is in the process of committing to IPS1 during the handshake causing us to miss the transition into IPS2 and....

Security Bulletin: CVE-2024-3933 affects IBM® SDK, Java™ Technology Edition

Summary CVE-2024-3933 affects IBM SDK, Java Technology Edition. An update has been released to address the vulnerability. Vulnerability Details ** CVEID: CVE-2024-3933 DESCRIPTION: **Eclipse Openj9 could allow a local authenticated attacker to bypass security restrictions, caused by the failure...

Ubuntu: Security Advisory (USN-6797-1)

The remote host is missing an update for...

CVE-2024-36897

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveout model. This fixes a null dereference from accessing Ctx->dc_bios->integrated_info while it was NULL. ...

CVE-2024-36914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does not support certain...

CVE-2024-36949

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: sync all devices to wait all processes being evicted If there are more than one device doing reset in parallel, the first device will call kfd_suspend_all_processes() to evict all processes on all devices, this call...

EulerOS Virtualization 2.11.0 : kernel (EulerOS-SA-2024-1735)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...

Ubuntu: Security Advisory (USN-6795-1)

The remote host is missing an update for...

EulerOS Virtualization 2.11.1 : kernel (EulerOS-SA-2024-1734)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...

Security Bulletin: Triton Inference Server - May 2024

NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the Triton Inference Server Releases page on GitHub, and view the Secure Deployment Considerations Guide. Go to NVIDIA...

pcTattletale spyware leaks database containing victim screenshots, gets website defaced

The idea behind the software is simple. When the spying party installs the stalkerware, they grant permission to record what happens on the targeted Android or Windows device. The observer can then log in on an online portal and activate recording, at which point a screen capture is taken on the...

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Monitoring.

Summary Vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components. CVEs: CVE-2023-38264, CVE-2024-21011, CVE-2024-21085 and CVE-2024-21094 Vulnerability Details ** CVEID: CVE-2024-21094 DESCRIPTION: **An unspecified...

CVE-2024-4429 Cross Site Request Forgery vulnerability in iManager

Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information...

CVE-2024-3969 XML External Entity injection vulnerability in iManager

XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML...

(RHSA-2024:3421) Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function...

Pyrit - The Famous WPA Precomputed Cracker

Pyrit allows you to create massive databases of pre-computed WPA/WPA2-PSK authentication phase in a space-time-tradeoff. By using the computational power of Multi-Core CPUs and other platforms through ATI-Stream,Nvidia CUDA and OpenCL, it is currently by far the most powerful attack against one of....

Code Injection

pug is vulnerable to Code execution. The vulnerability is due to the lack of proper input validation for the name option in the compileClient, compileFileClient, or compileClientWithDependenciesTracked functions, which allows attackers to execute arbitrary JavaScript code in the context of the...