It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline...
7.5CVSS
7AI Score
0.0005EPSS
Badgerboard: A PLC backplane network visibility module
Analysis of the traffic between networked devices has always been of interest since devices could even communicate with one another. As the complexity of networks grew, the more useful dedicated traffic analysis tools became. Major advancements have been made over the years with tools like Snort...
6.8AI Score
In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a multiple....
6.5AI Score
0.0004EPSS
American Express warns customers about third party data breach
American Express has sent affected customers a warning that “a third party service provider engaged by numerous merchants experienced unauthorized access to its system.” In a subsequent update, American Express explained that it was not a service provider, but a merchant processor that suffered...
7.3AI Score
In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a multiple....
7.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a multiple....
6.2AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a...
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a multiple....
7.3AI Score
0.0004EPSS
CVE-2022-48630 crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ
In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a multiple....
7.5AI Score
0.0004EPSS
CVE-2022-48630 crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ
In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a multiple....
6.6AI Score
0.0004EPSS
3a. Use-after-free vulnerability in XHCI USB controller (CVE-2024-22252) VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of.....
9.3CVSS
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a multiple....
6.3AI Score
0.0004EPSS
3a. Use-after-free vulnerability in XHCI USB controller (CVE-2024-22252) VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of.....
9.3CVSS
7AI Score
0.0004EPSS
CVE-2023-33104 Improper input Validation in Multi-Mode Call Processor
Transient DOS while processing PDU Release command with a parameter PDU ID out of...
7.5CVSS
7.9AI Score
0.0005EPSS
CVE-2023-33103 Improper Input Validation in Multi-Mode Call Processor
Transient DOS while processing CAG info IE received from...
7.5CVSS
7.8AI Score
0.0005EPSS
CVE-2023-33096 Reachable Assertion in Multi-Mode Call Processor
Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501...
7.5CVSS
7.7AI Score
0.0005EPSS
CVE-2023-33095 Reachable Assertion in Multi-Mode Call Processor
Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in...
7.5CVSS
7.8AI Score
0.0005EPSS
openSUSE: Security Advisory for binutils (SUSE-SU-2023:3825-1)
The remote host is missing an update for...
9.8CVSS
7.4AI Score
EPSS
openSUSE: Security Advisory for ucode (SUSE-SU-2023:2243-2)
The remote host is missing an update for...
6.1CVSS
5.6AI Score
0.0004EPSS
openSUSE: Security Advisory for ucode (SUSE-SU-2022:2960-2)
The remote host is missing an update for...
5.5CVSS
5.9AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Set all reserved memblocks on Node#0 at initialization After commit 61167ad5fecdea ("mm: pass nid to reserve_bootmem_region()") we get a panic if DEFERRED_STRUCT_PAGE_INIT is enabled: [ 0.000000] CPU 0 Unable to handle.....
6.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I/O. However, like...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I/O. However, like...
7.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I/O. However, like...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I/O. However, like...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I/O. However, like...
7.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I/O. However, like...
7.8AI Score
0.0004EPSS
CVE-2023-52497 erofs: fix lz4 inplace decompression
In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I/O. However, like...
7.8AI Score
0.0004EPSS
CVE-2023-52497 erofs: fix lz4 inplace decompression
In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I/O. However, like...
6.9AI Score
0.0004EPSS
CVE-2023-52489 mm/sparsemem: fix race in accessing memory_section->usage
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMAL ZONE_DEVICE...
6.8AI Score
0.0004EPSS
CVE-2023-52489 mm/sparsemem: fix race in accessing memory_section->usage
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMAL ZONE_DEVICE...
7.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range When running an SVA case, the following soft lockup is triggered: -------------------------------------------------------------------- watchdog: BUG:...
6.7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning adding a monitor interface in mt76_connac_mcu_uni_add_dev routine. [ 507.984882] ------------[ cut here ]------------ [ 507.989515]...
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Always enable the clk on resume In mtk_iommu_runtime_resume always enable the clk, even if m4u_dom is null. Otherwise the 'suspend' cb might disable the clk which is already disabled causing the warning: [...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel crash when the firmware fails to download Fix kernel crash when the firmware is missing or fails to download. [ 9.444758] kernel BUG at drivers/pci/msi.c:375! [ 9.449363] Internal error: Oops - BUG: 0 [#1]....
6.6AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix port event handling on init For some reason there might be a crash during ports creation if port events are handling at the same time because fw may send initial port event with down state. The crash...
6.3AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: always set GIC_PRIO_PSR_I_SET during entry Zenghui reports that booting a kernel with "irqchip.gicv3_pseudo_nmi=1" on the command line hits a warning during kernel entry, due to the way we manipulate the PMR. Early...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range When running an SVA case, the following soft lockup is triggered: watchdog: BUG: soft lockup - CPU#244 stuck for 26s! pstate: 83400009 (Nzcv daif +PAN...
7.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range When running an SVA case, the following soft lockup is triggered: -------------------------------------------------------------------- watchdog: BUG:...
6.8AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range When running an SVA case, the following soft lockup is triggered: watchdog: BUG: soft lockup - CPU#244 stuck for 26s! pstate: 83400009 (Nzcv daif +PAN...
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range When running an SVA case, the following soft lockup is triggered: watchdog: BUG: soft lockup - CPU#244 stuck for 26s! pstate: 83400009 (Nzcv daif +PAN...
6.9AI Score
0.0004EPSS
CVE-2023-52484 iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range When running an SVA case, the following soft lockup is triggered: watchdog: BUG: soft lockup - CPU#244 stuck for 26s! pstate: 83400009 (Nzcv daif +PAN...
7.6AI Score
0.0004EPSS
CVE-2023-52484 iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range When running an SVA case, the following soft lockup is triggered: watchdog: BUG: soft lockup - CPU#244 stuck for 26s! pstate: 83400009 (Nzcv daif +PAN...
6.9AI Score
0.0004EPSS
CentOS 9 : microcode_ctl-20220809-1.el9
The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the microcode_ctl-20220809-1.el9 build changelog. Insufficient control flow management in some Intel(R) Processors may allow an authenticated user to potentially enable a...
5.5CVSS
6.4AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range When running an SVA case, the following soft lockup is triggered: watchdog: BUG: soft lockup - CPU#244 stuck for 26s! pstate: 83400009 (Nzcv daif +PAN...
6.7AI Score
0.0004EPSS
Summary There are vulnerabilities in IBM® Semeru Java™ Version 11, Apache ActiveMQ and Microsoft .Net MVC Framework for ASP.Net used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.5 IF1 has addressed the applicable CVEs by upgrading to non-vulnerable versions of these libraries....
10CVSS
10AI Score
0.964EPSS
Security Bulletin: IBM Common Licensing using IBM® SDK, Java™ Technology Edition vulnerable to CVEs
Summary Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition in IBM License Key Server Administration and Reporting Tool (ART) and Administration Agent. For more information please refer to Oracle's CPU Advisory and the X-Force database entries referenced below. Vulnerability Details....
9.1CVSS
9.9AI Score
0.002EPSS
Summary Third party reported 'Stored XSS' and 'CSRF' issues, Apache Tomcat, Apache ActiveMQ, CKEditor, libcURL, xmlbeans, scala-library, json-smart, jna-platform, jackson-databind, commons-io, shiro-core, commons-net, snappy-java, xercesImpl are identified as vulnerable components with multiple...
10CVSS
9.7AI Score
0.974EPSS
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel crash when the firmware fails to download Fix kernel crash when the firmware is missing or fails to download. [ 9.444758] kernel BUG at drivers/pci/msi.c:375! [ 9.449363] Internal error: Oops - BUG:...
6.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel crash when the firmware fails to download Fix kernel crash when the firmware is missing or fails to download. [ 9.444758] kernel BUG at drivers/pci/msi.c:375! [ 9.449363] Internal error: Oops -...
6.7AI Score
0.0004EPSS