Lucene search

K

AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” Security Vulnerabilities

nvd
nvd

CVE-2024-1630

Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device...

7.7CVSS

7.5AI Score

0.0004EPSS

2024-05-14 05:15 PM
2
cve
cve

CVE-2024-1630

Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device...

7.7CVSS

6.8AI Score

0.0004EPSS

2024-05-14 05:15 PM
27
cve
cve

CVE-2024-1629

Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device...

6.2CVSS

6.8AI Score

0.0004EPSS

2024-05-14 05:15 PM
23
nvd
nvd

CVE-2024-1629

Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device...

6.2CVSS

6.3AI Score

0.0004EPSS

2024-05-14 05:15 PM
1
securelist
securelist

QakBot attacks with Windows zero-day (CVE-2024-30051)

In early April 2024, we decided to take a closer look at the Windows DWM Core Library Elevation of Privilege Vulnerability CVE-2023-36033, which was previously discovered as a zero-day exploited in the wild. While searching for samples related to this exploit and attacks that used it, we found a...

7.8CVSS

8.4AI Score

0.0005EPSS

2024-05-14 05:14 PM
8
cvelist
cvelist

CVE-2024-1630 Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component

Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device...

7.7CVSS

7.7AI Score

0.0004EPSS

2024-05-14 04:55 PM
cvelist
cvelist

CVE-2024-1629 Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component

Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device...

6.2CVSS

6.5AI Score

0.0004EPSS

2024-05-14 04:32 PM
vulnrichment
vulnrichment

CVE-2024-1629 Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device component

Path traversal vulnerability in “deleteFiles” function of Common Service Desktop, a GE HealthCare ultrasound device...

6.2CVSS

6.9AI Score

0.0004EPSS

2024-05-14 04:32 PM
cve
cve

CVE-2024-1598

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

7.5CVSS

7.4AI Score

0.0004EPSS

2024-05-14 04:15 PM
27
nvd
nvd

CVE-2024-1598

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

7.5CVSS

7.8AI Score

0.0004EPSS

2024-05-14 04:15 PM
cve
cve

CVE-2024-0762

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

7.5CVSS

7.4AI Score

0.0004EPSS

2024-05-14 04:15 PM
28
nvd
nvd

CVE-2024-0762

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

7.5CVSS

7.8AI Score

0.0004EPSS

2024-05-14 04:15 PM
1
cve
cve

CVE-2024-3016

NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated...

6.7AI Score

0.0004EPSS

2024-05-14 03:39 PM
5
nvd
nvd

CVE-2024-3016

NEC Platforms DT900 and DT900S Series 5.0.0.0 – v5.3.4.4, v5.4.0.0 – v5.6.0.20 allows an attacker to access a non-documented the system settings to change settings via local network with unauthenticated...

6.5AI Score

0.0004EPSS

2024-05-14 03:39 PM
1
vulnrichment
vulnrichment

CVE-2024-1598 Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-05-14 02:56 PM
cvelist
cvelist

CVE-2024-1598 Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

7.5CVSS

8AI Score

0.0004EPSS

2024-05-14 02:56 PM
vulnrichment
vulnrichment

CVE-2024-0762 Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-05-14 02:56 PM
cvelist
cvelist

CVE-2024-0762 Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

7.5CVSS

8AI Score

0.0004EPSS

2024-05-14 02:56 PM
cvelist
cvelist

CVE-2024-28137 PHOENIX CONTACT: privilege escalation due to a TOCTOU vulnerability in the CHARX Series

A local attacker with low privileges can perform a privilege escalation with an init script due to a TOCTOU...

7.8CVSS

7.9AI Score

0.0005EPSS

2024-05-14 08:10 AM
1
vulnrichment
vulnrichment

CVE-2024-28137 PHOENIX CONTACT: privilege escalation due to a TOCTOU vulnerability in the CHARX Series

A local attacker with low privileges can perform a privilege escalation with an init script due to a TOCTOU...

7.8CVSS

7AI Score

0.0005EPSS

2024-05-14 08:10 AM
vulnrichment
vulnrichment

CVE-2024-28135 PHOENIX CONTACT: command injection vulnerability in the API of the CHARX Series

A low privileged remote attacker can use a command injection vulnerability in the API which performs remote code execution as the user-app user due to improper input validation. The confidentiality is partly...

5CVSS

7.9AI Score

0.001EPSS

2024-05-14 08:09 AM
cvelist
cvelist

CVE-2024-28135 PHOENIX CONTACT: command injection vulnerability in the API of the CHARX Series

A low privileged remote attacker can use a command injection vulnerability in the API which performs remote code execution as the user-app user due to improper input validation. The confidentiality is partly...

5CVSS

6AI Score

0.001EPSS

2024-05-14 08:09 AM
2
cvelist
cvelist

CVE-2024-28134 PHOENIX CONTACT: MitM attack gains privileges of the current logged in user in CHARX Series

An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as...

7CVSS

7AI Score

0.001EPSS

2024-05-14 08:09 AM
vulnrichment
vulnrichment

CVE-2024-28134 PHOENIX CONTACT: MitM attack gains privileges of the current logged in user in CHARX Series

An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. No additional user interaction is required. The access is limited as...

7CVSS

6.7AI Score

0.001EPSS

2024-05-14 08:09 AM
cvelist
cvelist

CVE-2024-28133 PHOENIX CONTACT: Privilege escalation in CHARX Series

A local low privileged attacker can use an untrusted search path in a CHARX system utility to gain root ...

7.8CVSS

7.6AI Score

0.0005EPSS

2024-05-14 08:09 AM
vulnrichment
vulnrichment

CVE-2024-28133 PHOENIX CONTACT: Privilege escalation in CHARX Series

A local low privileged attacker can use an untrusted search path in a CHARX system utility to gain root ...

7.8CVSS

6.6AI Score

0.0005EPSS

2024-05-14 08:09 AM
mskb
mskb

May 14, 2024—KB5037765 (OS Build 17763.5820)

May 14, 2024—KB5037765 (OS Build 17763.5820) 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1809, see its update history page. Highlights This update...

8.1AI Score

0.008EPSS

2024-05-14 07:00 AM
123
mskb
mskb

May 14, 2024—KB5037770 (OS Build 22000.2960)

May 14, 2024—KB5037770 (OS Build 22000.2960) For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 21H2, see its update history page. Note Follow @WindowsUpdate to find out...

7.3AI Score

0.008EPSS

2024-05-14 07:00 AM
38
mskb
mskb

May 14, 2024—KB5037781 (OS Build 25398.887)

May 14, 2024—KB5037781 (OS Build 25398.887) For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements This security update...

7AI Score

0.008EPSS

2024-05-14 07:00 AM
21
mskb
mskb

May 14, 2024—KB5037771 (OS Builds 22621.3593 and 22631.3593)

May 14, 2024—KB5037771 (OS Builds 22621.3593 and 22631.3593) 2/27/24 IMPORTANT: New dates for the end of non-security updates for Windows 11, version 22H2The new end date is June 24, 2025 for Windows 11, version 22H2 Enterprise and Education editions. Home and Pro editions of version 22H2 will...

7.3AI Score

0.008EPSS

2024-05-14 07:00 AM
33
mskb
mskb

May 14, 2024—KB5037782 (OS Build 20348.2461)

May 14, 2024—KB5037782 (OS Build 20348.2461) For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out when...

7AI Score

0.008EPSS

2024-05-14 07:00 AM
112
mskb
mskb

May 14, 2024—KB5037768 (OS Builds 19044.4412 and 19045.4412)

May 14, 2024—KB5037768 (OS Builds 19044.4412 and 19045.4412) 03/12/24 IMPORTANT The following editions of Windows 10, version 21H2 will reach end of service on June 11, 2024:- Windows 10 Enterprise and Education- Windows 10 IoT Enterprise- Windows 10 Enterprise multi-sessionAfter that date, these.....

7.3AI Score

0.008EPSS

2024-05-14 07:00 AM
47
fedora
fedora

[SECURITY] Fedora 39 Update: gnome-shell-45.6-2.fc39

GNOME Shell provides core user interface functions for the GNOME 3 desktop, like switching to windows and launching applications. GNOME Shell takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts to provide a visually attractive and easy.....

7.3AI Score

0.0004EPSS

2024-05-14 03:28 AM
4
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:0305-2)

The remote host is missing an update for...

4.9CVSS

7.1AI Score

0.0004EPSS

2024-05-14 12:00 AM
3
hp
hp

Intel Graphics Command Center Service Software May 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Graphics Command Center Service software (bundled in some Intel® Graphics Windows DCH driver software), which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential...

6.7CVSS

7.5AI Score

0.0004EPSS

2024-05-14 12:00 AM
5
hp
hp

HP Sure Admin Security Update

A potential security vulnerability has been identified in certain HP PC products using HP Sure Admin, which might allow escalation of privilege. HP is releasing mitigation for the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that...

7.5AI Score

EPSS

2024-05-14 12:00 AM
7
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1624-1)

The remote host is missing an update for...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-05-14 12:00 AM
6
hp
hp

Intel BIOS Guard and PPAM Firmware May 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® BIOS Guard and Platform Properties Assessment Module (PPAM) firmware, which might allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Intel has released updates...

7.2CVSS

7.6AI Score

0.0004EPSS

2024-05-14 12:00 AM
21
freebsd
freebsd

Intel CPUs -- multiple vulnerabilities

Intel reports: Potential security vulnerabilities in some Intel Trust Domain Extensions (TDX) module software may allow escalation of privilege. Improper input validation in some Intel TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable...

7.9CVSS

7.3AI Score

0.0004EPSS

2024-05-14 12:00 AM
4
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:0638-2)

The remote host is missing an update for...

7.5CVSS

7.1AI Score

0.008EPSS

2024-05-14 12:00 AM
2
hp
hp

Intel Arc™ & Iris® Xe Graphics Software May 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Arc™ & Iris® Xe Graphics software which may allow escalation of privilege. Intel is releasing updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...

7.8CVSS

7.4AI Score

0.0004EPSS

2024-05-14 12:00 AM
7
hp
hp

Intel PROSet/Wireless WiFi and Bluetooth May 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® PROSet/Wireless WiFi and Bluetooth® products, which might allow denial of service. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the...

8.2CVSS

7.2AI Score

0.0004EPSS

2024-05-14 12:00 AM
7
hp
hp

Intel Ethernet Controller I225 May 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® Ethernet Controller I225 Manageability firmware, which might allow escalation of privilege or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Intel has released updates...

7.5AI Score

EPSS

2024-05-14 12:00 AM
4
nessus
nessus

Rocky Linux 9 : flatpak (RLSA-2023:6518)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:6518 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8, 1.14.4, and...

10CVSS

9.7AI Score

0.008EPSS

2024-05-14 12:00 AM
1
kaspersky
kaspersky

KLA67587 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: Use after free vulnerability can be...

9.6AI Score

0.0004EPSS

2024-05-14 12:00 AM
1
hp
hp

Intel Extreme Tuning Utility (XTU) May 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Extreme Tuning Utility (XTU) software, which might allow escalation of privilege. Intel is releasing updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP...

7.8CVSS

7.4AI Score

0.0004EPSS

2024-05-14 12:00 AM
8
hp
hp

Intel Thunderbolt Driver May 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Thunderbolt driver software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP...

7CVSS

7.4AI Score

0.0004EPSS

2024-05-14 12:00 AM
12
mssecure
mssecure

Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management​​

We are pleased to announce that Microsoft has been recognized as a Leader in the Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM).1 We believe our position in the Leaders quadrant validates our vision and continued investments in Microsoft Sentinel making it a...

7AI Score

2024-05-13 04:00 PM
5
ibm
ibm

Security Bulletin: A vulnerability exists in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary Java on z/OS properties files not read correctly under certain locales / codepages vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2 Vulnerability Details ** IBM X-Force ID: PSIRT-ADV0103951 ...

6.2AI Score

2024-05-13 03:07 PM
8
rapid7blog
rapid7blog

Rapid7 Recognized in the 2024 Gartner® Magic Quadrant™ for SIEM

Command Your Attack Surface with a next-gen SIEM built for the Cloud First Era Rapid7 is excited to share that we are named a Challenger for InsightIDR in the 2024 Gartner Magic Quadrant for SIEM. In a crowded and constantly changing space, this is our sixth time to be recognized in the report....

7.3AI Score

2024-05-13 03:06 PM
3
Total number of security vulnerabilities86984