Lucene search

K

Athlon™ X4 Processor Security Vulnerabilities

cve
cve

CVE-2024-21972

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...

5.3CVSS

5.6AI Score

0.0004EPSS

2024-04-23 05:15 PM
42
nvd
nvd

CVE-2024-21972

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...

5.3CVSS

5.6AI Score

0.0004EPSS

2024-04-23 05:15 PM
nvd
nvd

CVE-2024-21979

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...

5.3CVSS

5.6AI Score

0.0004EPSS

2024-04-23 05:15 PM
1
cve
cve

CVE-2024-21979

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...

5.3CVSS

7.2AI Score

0.0004EPSS

2024-04-23 05:15 PM
37
cvelist
cvelist

CVE-2024-21979

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...

5.3CVSS

5.8AI Score

0.0004EPSS

2024-04-23 04:36 PM
cvelist
cvelist

CVE-2024-21972

An out of bounds write vulnerability in the AMD Radeon™ user mode driver for DirectX® 11 could allow an attacker with access to a malformed shader to potentially achieve arbitrary code...

5.3CVSS

5.8AI Score

0.0004EPSS

2024-04-23 04:36 PM
cve
cve

CVE-2023-38297

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup (versionCode='3', versionName='2.1)....

7.4AI Score

0.0004EPSS

2024-04-22 03:15 PM
25
nvd
nvd

CVE-2023-38297

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup (versionCode='3', versionName='2.1)....

7.2AI Score

0.0004EPSS

2024-04-22 03:15 PM
cvelist
cvelist

CVE-2023-38297

An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup (versionCode='3', versionName='2.1)....

7.4AI Score

0.0004EPSS

2024-04-22 12:00 AM
nessus
nessus

SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1321-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1321-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

7.8CVSS

8AI Score

EPSS

2024-04-18 12:00 AM
15
nessus
nessus

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

7.8CVSS

8.4AI Score

EPSS

2024-04-18 12:00 AM
18
redos
redos

ROS-20240418-07

A vulnerability in the idxd: component of the Linux operating system kernel is related to pasid writing when the device. Exploitation of the vulnerability could allow an attacker to impact the integrity of the protected information A vulnerability in the nftables: component of the Linux kernel is.....

5.5CVSS

7.6AI Score

0.0004EPSS

2024-04-18 12:00 AM
4
redhatcve
redhatcve

CVE-2024-26877

In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx - call finalize with bh disabled When calling crypto_finalize_request, BH should be disabled to avoid triggering the following calltrace: ------------[ cut here ]------------ WARNING: CPU: 2 PID: 74 at...

7AI Score

0.0004EPSS

2024-04-17 06:55 PM
7
redhatcve
redhatcve

CVE-2024-26879

In the Linux kernel, the following vulnerability has been resolved: clk: meson: Add missing clocks to axg_clk_regmaps Some clocks were missing from axg_clk_regmaps, which caused kernel panic during cat /sys/kernel/debug/clk/clk_summary [ 57.349402] Unable to handle kernel NULL pointer dereference.....

6.9AI Score

0.0004EPSS

2024-04-17 06:27 PM
5
debiancve
debiancve

CVE-2024-26881

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when 1588 is received on HIP08 devices The HIP08 devices does not register the ptp devices, so the hdev->ptp is NULL, but the hardware can receive 1588 messages, and set the HNS3_RXD_TS_VLD_B bit, so,...

5.5CVSS

6.5AI Score

0.0004EPSS

2024-04-17 11:15 AM
7
nvd
nvd

CVE-2024-26881

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when 1588 is received on HIP08 devices The HIP08 devices does not register the ptp devices, so the hdev->ptp is NULL, but the hardware can receive 1588 messages, and set the HNS3_RXD_TS_VLD_B bit, so,...

5.5CVSS

6AI Score

0.0004EPSS

2024-04-17 11:15 AM
cve
cve

CVE-2024-26881

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when 1588 is received on HIP08 devices The HIP08 devices does not register the ptp devices, so the hdev->ptp is NULL, but the hardware can receive 1588 messages, and set the HNS3_RXD_TS_VLD_B bit, so,...

5.5CVSS

6.4AI Score

0.0004EPSS

2024-04-17 11:15 AM
49
cve
cve

CVE-2024-26879

In the Linux kernel, the following vulnerability has been resolved: clk: meson: Add missing clocks to axg_clk_regmaps Some clocks were missing from axg_clk_regmaps, which caused kernel panic during cat /sys/kernel/debug/clk/clk_summary [ 57.349402] Unable to handle kernel NULL pointer...

6.5AI Score

0.0004EPSS

2024-04-17 11:15 AM
53
nvd
nvd

CVE-2024-26879

In the Linux kernel, the following vulnerability has been resolved: clk: meson: Add missing clocks to axg_clk_regmaps Some clocks were missing from axg_clk_regmaps, which caused kernel panic during cat /sys/kernel/debug/clk/clk_summary [ 57.349402] Unable to handle kernel NULL pointer...

7.3AI Score

0.0004EPSS

2024-04-17 11:15 AM
cve
cve

CVE-2024-26877

In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx - call finalize with bh disabled When calling crypto_finalize_request, BH should be disabled to avoid triggering the following calltrace: ------------[ cut here ]------------ WARNING: CPU: 2 PID: 74 at...

6.4AI Score

0.0004EPSS

2024-04-17 11:15 AM
55
debiancve
debiancve

CVE-2024-26879

In the Linux kernel, the following vulnerability has been resolved: clk: meson: Add missing clocks to axg_clk_regmaps Some clocks were missing from axg_clk_regmaps, which caused kernel panic during cat /sys/kernel/debug/clk/clk_summary [ 57.349402] Unable to handle kernel NULL pointer...

6.6AI Score

0.0004EPSS

2024-04-17 11:15 AM
4
debiancve
debiancve

CVE-2024-26877

In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx - call finalize with bh disabled When calling crypto_finalize_request, BH should be disabled to avoid triggering the following calltrace: ------------[ cut here ]------------ WARNING: CPU: 2 PID: 74 at...

6.6AI Score

0.0004EPSS

2024-04-17 11:15 AM
7
nvd
nvd

CVE-2024-26877

In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx - call finalize with bh disabled When calling crypto_finalize_request, BH should be disabled to avoid triggering the following calltrace: ------------[ cut here ]------------ WARNING: CPU: 2 PID: 74 at...

7.4AI Score

0.0004EPSS

2024-04-17 11:15 AM
cvelist
cvelist

CVE-2024-26881 net: hns3: fix kernel crash when 1588 is received on HIP08 devices

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when 1588 is received on HIP08 devices The HIP08 devices does not register the ptp devices, so the hdev->ptp is NULL, but the hardware can receive 1588 messages, and set the HNS3_RXD_TS_VLD_B bit, so,...

5.5AI Score

0.0004EPSS

2024-04-17 10:27 AM
cvelist
cvelist

CVE-2024-26879 clk: meson: Add missing clocks to axg_clk_regmaps

In the Linux kernel, the following vulnerability has been resolved: clk: meson: Add missing clocks to axg_clk_regmaps Some clocks were missing from axg_clk_regmaps, which caused kernel panic during cat /sys/kernel/debug/clk/clk_summary [ 57.349402] Unable to handle kernel NULL pointer...

6.6AI Score

0.0004EPSS

2024-04-17 10:27 AM
cvelist
cvelist

CVE-2024-26877 crypto: xilinx - call finalize with bh disabled

In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx - call finalize with bh disabled When calling crypto_finalize_request, BH should be disabled to avoid triggering the following calltrace: ------------[ cut here ]------------ WARNING: CPU: 2 PID: 74 at...

7.8AI Score

0.0004EPSS

2024-04-17 10:27 AM
ubuntucve
ubuntucve

CVE-2024-26879

In the Linux kernel, the following vulnerability has been resolved: clk: meson: Add missing clocks to axg_clk_regmaps Some clocks were missing from axg_clk_regmaps, which caused kernel panic during cat /sys/kernel/debug/clk/clk_summary [ 57.349402] Unable to handle kernel NULL pointer dereference.....

6.6AI Score

0.0004EPSS

2024-04-17 12:00 AM
6
ubuntucve
ubuntucve

CVE-2024-26881

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when 1588 is received on HIP08 devices The HIP08 devices does not register the ptp devices, so the hdev->ptp is NULL, but the hardware can receive 1588 messages, and set the HNS3_RXD_TS_VLD_B bit, so,...

5.5CVSS

5.3AI Score

0.0004EPSS

2024-04-17 12:00 AM
7
nessus
nessus

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (AWS) vulnerabilities (USN-6725-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6725-2 advisory. An out-of-bounds (OOB) memory read flaw was found in parse_lease_state in the KSMBD implementation of the in-kernel samba server and...

9.8CVSS

7.4AI Score

EPSS

2024-04-17 12:00 AM
15
ubuntucve
ubuntucve

CVE-2024-26841

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Update cpu_sibling_map when disabling nonboot CPUs Update cpu_sibling_map when disabling nonboot CPUs by defining & calling clear_cpu_sibling_map(), otherwise we get such errors on SMT systems: jump label: negative...

6.7AI Score

0.0004EPSS

2024-04-17 12:00 AM
5
ubuntucve
ubuntucve

CVE-2024-26877

In the Linux kernel, the following vulnerability has been resolved: crypto: xilinx - call finalize with bh disabled When calling crypto_finalize_request, BH should be disabled to avoid triggering the following calltrace: ------------[ cut here ]------------ WARNING: CPU: 2 PID: 74 at...

7.7AI Score

0.0004EPSS

2024-04-17 12:00 AM
2
ibm
ibm

Security Bulletin: IBM Cognos Command Center has addressed vulnerabilities IBM® Semeru Java™ Version 11 and Apache Commons

Summary There are vulnerabilities in IBM® Semeru Java™ Version 11, Apache Commons Compress and Apache Commons Configuration used by IBM Cognos Command Center. IBM Cognos Command Center 10.2.5 IF2 has addressed the applicable CVEs by upgrading to non-vulnerable versions of these libraries. Please...

8.1CVSS

8.3AI Score

0.001EPSS

2024-04-16 07:21 PM
8
spring
spring

Spring Framework 6.2.0-M1: Overriding Beans in Tests

Spring Framework 6.2.0-M1 has been released, including changes that resolve more than one hundred issues. Among those are a range of new features in Spring's testing support. In this post, I’d like to walk you through one of these new testing features: Bean Overriding support. The previous state...

7.2AI Score

2024-04-16 12:00 AM
5
nessus
nessus

Debian dsa-5658 : affs-modules-6.1.0-11-4kc-malta-di - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5658 advisory. A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in...

8CVSS

7.6AI Score

EPSS

2024-04-13 12:00 AM
26
ibm
ibm

Security Bulletin: IBM® Db2® may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. (CVE-2021-20373)

Summary Db2 may be vulnerable to an Information Disclosure when using the LOAD utility as under certain circumstances the LOAD utility does not enforce directory restrictions. Vulnerability Details ** CVEID: CVE-2021-20373 DESCRIPTION: **IBM Db2 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable...

7.5CVSS

7.6AI Score

0.001EPSS

2024-04-12 08:13 PM
23
qualysblog
qualysblog

De-risk the Software Supply Chain by Expanding Unparalleled Detection Coverage With Qualys VMDR and Software Composition Analysis

QIDs/CVEs When it comes to cybersecurity, speed is key in getting an edge over attackers. But when you consider that vulnerabilities weaponize 24 days faster than then they are remediated on average, cybersecurity stakeholders have a lot of catching up to do. While there are many ways defenders...

7AI Score

2024-04-12 03:29 PM
11
ibm
ibm

Security Bulletin: IBM® Db2® is affected by a vulnerability in an open source library boost (CVE-2012-2677)

Summary IBM® Db2® is affected by a vulnerability in an open source library boost. Vulnerability Details ** CVEID: CVE-2012-2677 DESCRIPTION: **Boost is vulnerable to a buffer overflow, caused by improper bounds checking by the ordered_malloc() function. By persuading a victim to open a...

7AI Score

0.014EPSS

2024-04-10 05:27 PM
16
ibm
ibm

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-22036, CVE-2023-22006, CVE-2023-22041, CVE-2023-22049 and CVE-2023-22045)

Summary Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details ** CVEID: CVE-2023-22036 DESCRIPTION: **An unspecified vulnerability in Java SE related to the Utility component could allow...

5.1CVSS

6.9AI Score

0.001EPSS

2024-04-09 07:59 PM
5
ibm
ibm

Security Bulletin: IBM® Db2® is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT (CVE-2023-38729)

Summary IBM® Db2® is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT. Vulnerability Details ** CVEID: CVE-2023-38729 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to sensitive information disclosure when...

6.8CVSS

6.1AI Score

0.0004EPSS

2024-04-09 05:06 PM
16
openvas
openvas

Mageia: Security Advisory (MGASA-2024-0103)

The remote host is missing an update for...

6.5CVSS

7.2AI Score

0.001EPSS

2024-04-05 12:00 AM
12
arista
arista

Security Advisory 0094

Security Advisory 0094 PDF Date: April 5, 2024 Revision | Date | Changes ---|---|--- 1.0 | April 3, 2024 | Initial release 1.1 | April 5, 2024 | Update required configuration for exploitation and mitigation Description Arista Networks is providing this security update in response to the...

7.5CVSS

6AI Score

0.005EPSS

2024-04-05 12:00 AM
32
zdt
zdt

Positron Broadcast Signal Processor TRA7005 1.20 Authentication Bypass Exploit

The Positron Broadcast Digital Signal Processor TRA7005 version 1.20 suffers from an authentication bypass through a direct and unauthorized access to the password management functionality. The vulnerability allows attackers to bypass Digest authentication by manipulating the password endpoint...

7.8AI Score

2024-04-05 12:00 AM
99
ibm
ibm

Security Bulletin: Due to use of IBM SDK, Java Technology Edition, IBM Tivoli Application Dependency Discovery Manager is vulnerable to multiple vulnerabilities.

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition used by IBM Tivoli Application Dependency Discovery Manager (TADDM). These issues were disclosed as part of the IBM Java SDK updates in January 2024. Vulnerability Details ** CVEID: CVE-2024-20952 DESCRIPTION: **An...

7.5CVSS

7.2AI Score

0.001EPSS

2024-04-04 06:00 AM
13
atlassian
atlassian

DoS (Denial of Service) net.minidev:json-smart Dependency in Jira Software Data Center and Server

This High severity net.minidev:json-smart Dependency vulnerability was introduced in versions 8.20.0, 9.0.0, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 9.7.0, 9.8.0, 9.9.0, 9.10.0, 9.11.0, and 9.12.0 of Jira Software Data Center and Server. This net.minidev:json-smart Dependency vulnerability, with....

7.5CVSS

7.7AI Score

0.001EPSS

2024-04-04 04:45 AM
15
packetstorm

7.4AI Score

2024-04-04 12:00 AM
64
zeroscience
zeroscience

Positron Broadcast Signal Processor TRA7005 v1.20 _Passwd Exploit

Title: Positron Broadcast Signal Processor TRA7005 v1.20 _Passwd Exploit Advisory ID: ZSL-2024-5813 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, DoS Risk: (5/5) Release Date: 04.04.2024 Summary The TRA7000 series is a set of products dedicated to broadcast,...

7.8AI Score

EPSS

2024-04-04 12:00 AM
86
redhatcve
redhatcve

CVE-2024-26675

In the Linux kernel, the following vulnerability has been resolved: ppp_async: limit MRU to 64K syzbot triggered a warning [1] in __alloc_pages(): WARN_ON_ONCE_GFP(order > MAX_PAGE_ORDER, gfp) Willem fixed a similar issue in commit c0a2a1b0d631 ("ppp: limit MRU to 64K") Adopt the same sanity che...

6.9AI Score

0.0004EPSS

2024-04-03 12:34 AM
2
redhatcve
redhatcve

CVE-2024-26674

In the Linux kernel, the following vulnerability has been resolved: x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups During memory error injection test on kernels >= v6.4, the kernel panics like below. However, this issue couldn't be reproduced on kernels <= v6.3. mce: [Hardwa...

7AI Score

0.0004EPSS

2024-04-03 12:03 AM
4
Total number of security vulnerabilities18700