Lucene search

K

Athlon™ X4 Processor Security Vulnerabilities

cvelist
cvelist

CVE-2024-26674 x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups

In the Linux kernel, the following vulnerability has been resolved: x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups During memory error injection test on kernels >= v6.4, the kernel panics like below. However, this issue couldn't be reproduced on kernels <= v6.3. mce: [Hardwa...

6.8AI Score

0.0004EPSS

2024-04-02 07:01 AM
1
vulnrichment
vulnrichment

CVE-2023-52635 PM / devfreq: Synchronize devfreq_monitor_[start/stop]

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from...

6.9AI Score

0.0004EPSS

2024-04-02 06:49 AM
cvelist
cvelist

CVE-2023-52635 PM / devfreq: Synchronize devfreq_monitor_[start/stop]

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from...

7.7AI Score

0.0004EPSS

2024-04-02 06:49 AM
ubuntucve
ubuntucve

CVE-2024-26675

In the Linux kernel, the following vulnerability has been resolved: ppp_async: limit MRU to 64K syzbot triggered a warning [1] in __alloc_pages(): WARN_ON_ONCE_GFP(order > MAX_PAGE_ORDER, gfp) Willem fixed a similar issue in commit c0a2a1b0d631 ("ppp: limit MRU to 64K") Adopt the same sanity che...

7.5AI Score

0.0004EPSS

2024-04-02 12:00 AM
2
ubuntucve
ubuntucve

CVE-2024-26674

In the Linux kernel, the following vulnerability has been resolved: x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups During memory error injection test on kernels >= v6.4, the kernel panics like below. However, this issue couldn't be reproduced on kernels <= v6.3. mce: [Hardwa...

6.8AI Score

0.0004EPSS

2024-04-02 12:00 AM
10
ubuntucve
ubuntucve

CVE-2023-52635

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from...

7.6AI Score

0.0004EPSS

2024-04-02 12:00 AM
8
cvelist
cvelist

CVE-2023-33101 Incorrect Type Conversion or Cast in Multi-Mode Call Processor

Transient DOS while processing DL NAS TRANSPORT message with payload length...

7.5CVSS

7.8AI Score

0.0005EPSS

2024-04-01 03:05 PM
vulnrichment
vulnrichment

CVE-2023-33100 Improper input validation in Multi-Mode Call Processor

Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP...

7.5CVSS

6.9AI Score

0.0004EPSS

2024-04-01 03:05 PM
cvelist
cvelist

CVE-2023-33100 Improper input validation in Multi-Mode Call Processor

Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP...

7.5CVSS

7.8AI Score

0.0004EPSS

2024-04-01 03:05 PM
vulnrichment
vulnrichment

CVE-2023-33099 Improper Input Validation in Multi-Mode Call Processor

Transient DOS while processing SMS container of non-standard size received in DL NAS transport in...

7.5CVSS

7AI Score

0.0005EPSS

2024-04-01 03:05 PM
cvelist
cvelist

CVE-2023-33099 Improper Input Validation in Multi-Mode Call Processor

Transient DOS while processing SMS container of non-standard size received in DL NAS transport in...

7.5CVSS

7.8AI Score

0.0005EPSS

2024-04-01 03:05 PM
veracode
veracode

Denial Of Service (DoS)

Elasticsearch is vulnerable to Denial Of Service (DoS). The vulnerability is due to a flaw that causes the Elasticsearch ingest node which parses PDF files to crash. Notably, this issue does not occur with password-protected or unencrypted PDF files, and requires the attachment processor to be...

4.3CVSS

6.7AI Score

0.0004EPSS

2024-04-01 06:55 AM
19
mageia
mageia

Updated microcode packages fix security vulnerabilities

Protection mechanism failure in some 3rd and 4th Generation Intel(R) Xeon(R) Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2023-22655) Information exposure through microarchitectural state after...

6.5CVSS

7.8AI Score

0.001EPSS

2024-03-31 06:27 AM
15
fedora
fedora

[SECURITY] Fedora 38 Update: pandoc-2.19.2-22.fc38

Pandoc is a Haskell library for converting from one markup format to anothe r, and a command-line tool that uses this library. The formats it can handle include - light markup formats (many variants of Markdown, reStructuredText, AsciiD oc, Org-mode, Muse, Textile, txt2tags) - HTML formats (HTML...

6.3CVSS

7.1AI Score

0.001EPSS

2024-03-31 01:54 AM
10
fedora
fedora

[SECURITY] Fedora 39 Update: pandoc-3.1.3-29.fc39

Pandoc is a Haskell library for converting from one markup format to anothe r. The formats it can handle include - light markup formats (many variants of Markdown, reStructuredText, AsciiD oc, Org-mode, Muse, Textile, txt2tags) - HTML formats (HTML 4 and 5) - Ebook formats (EPUB v2 and v3, FB2) -.....

6.3CVSS

6.2AI Score

0.001EPSS

2024-03-30 01:09 AM
9
redhatcve
redhatcve

CVE-2024-23449

A flaw was found in the Elasticsearch package. An uncaught exception occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with.....

4.3CVSS

7AI Score

0.0004EPSS

2024-03-29 03:50 PM
7
osv
osv

Elasticsearch Uncaught Exception leading to crash

An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with...

4.3CVSS

7AI Score

0.0004EPSS

2024-03-29 12:30 PM
6
github
github

Elasticsearch Uncaught Exception leading to crash

An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with...

4.3CVSS

7AI Score

0.0004EPSS

2024-03-29 12:30 PM
4
nvd
nvd

CVE-2024-23449

An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with...

4.3CVSS

4.4AI Score

0.0004EPSS

2024-03-29 12:15 PM
cve
cve

CVE-2024-23449

An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with...

4.3CVSS

4.3AI Score

0.0004EPSS

2024-03-29 12:15 PM
35
cvelist
cvelist

CVE-2024-23449 Elasticsearch Uncaught Exception

An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with...

4.3CVSS

4.7AI Score

0.0004EPSS

2024-03-29 11:12 AM
fedora
fedora

[SECURITY] Fedora 40 Update: pandoc-3.1.3-29.fc40

Pandoc is a Haskell library for converting from one markup format to anothe r. The formats it can handle include - light markup formats (many variants of Markdown, reStructuredText, AsciiD oc, Org-mode, Muse, Textile, txt2tags) - HTML formats (HTML 4 and 5) - Ebook formats (EPUB v2 and v3, FB2) -.....

6.3CVSS

6.3AI Score

0.001EPSS

2024-03-29 12:21 AM
6
openvas
openvas

Fedora: Security Advisory for pandoc (FEDORA-2024-7d83cbccb6)

The remote host is missing an update for...

6.3CVSS

6.3AI Score

0.001EPSS

2024-03-29 12:00 AM
5
ubuntucve
ubuntucve

CVE-2024-23449

An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with...

4.3CVSS

7.1AI Score

0.0004EPSS

2024-03-29 12:00 AM
8
ibm
ibm

Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to confidentiality impacts and a timing-based side-channel attack due to multiple vulnerabilities.

Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to confidentiality impacts [CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945] and a timing-based side-channel attack [CVE-2023-33850] as described in the...

7.5CVSS

7AI Score

0.001EPSS

2024-03-27 10:18 PM
21
nvd
nvd

CVE-2023-6400

Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management (ZCM) allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management (ZCM) versions: 2020 update 3, 23.3, and...

7.4CVSS

7.5AI Score

0.0004EPSS

2024-03-27 01:15 PM
cve
cve

CVE-2023-6400

Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management (ZCM) allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management (ZCM) versions: 2020 update 3, 23.3, and...

7.4CVSS

7AI Score

0.0004EPSS

2024-03-27 01:15 PM
28
cvelist
cvelist

CVE-2023-6400 Incorrect user authorization vulnerability on OpenText ZENworks Configuration Management (ZCM) product.

Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management (ZCM) allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management (ZCM) versions: 2020 update 3, 23.3, and...

7.4CVSS

7.8AI Score

0.0004EPSS

2024-03-27 12:30 PM
osv
osv

Important: libreoffice security fix update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.8CVSS

7.3AI Score

0.001EPSS

2024-03-27 04:34 AM
6
rocky
rocky

libreoffice security fix update

An update is available for libreoffice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...

8.8CVSS

7.5AI Score

0.001EPSS

2024-03-27 04:34 AM
10
nessus
nessus

Splunk Enterprise 9.0.0 < 9.0.9, 9.1.0 < 9.1.4, 9.2.0 < 9.2.1 (SVD-2024-0301)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0301 advisory. In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during...

7.2CVSS

7.2AI Score

0.001EPSS

2024-03-27 12:00 AM
7
intel
intel

Intel® oneAPI Toolkit Software Advisory

Summary: Potential security vulnerabilities in some Intel® oneAPI Toolkits and standalone component software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-35121 Description: Improper...

7.1AI Score

0.0004EPSS

2024-03-27 12:00 AM
7
redhatcve
redhatcve

CVE-2024-26645

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...

7AI Score

0.0004EPSS

2024-03-26 06:03 PM
8
cve
cve

CVE-2024-26645

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...

6.2AI Score

0.0004EPSS

2024-03-26 04:15 PM
50
nvd
nvd

CVE-2024-26645

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...

7.5AI Score

0.0004EPSS

2024-03-26 04:15 PM
debiancve
debiancve

CVE-2024-26645

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...

7.1AI Score

0.0004EPSS

2024-03-26 04:15 PM
11
cvelist
cvelist

CVE-2024-26645 tracing: Ensure visibility when inserting an element into tracing_map

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...

7.7AI Score

0.0004EPSS

2024-03-26 03:17 PM
vulnrichment
vulnrichment

CVE-2024-26645 tracing: Ensure visibility when inserting an element into tracing_map

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...

6.9AI Score

0.0004EPSS

2024-03-26 03:17 PM
1
redhat
redhat

(RHSA-2024:1514) Important: libreoffice security fix update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.9AI Score

0.001EPSS

2024-03-26 11:46 AM
21
redhat
redhat

(RHSA-2024:1513) Important: libreoffice security fix update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.9AI Score

0.001EPSS

2024-03-26 11:46 AM
7
redhat
redhat

(RHSA-2024:1512) Important: libreoffice security fix update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.9AI Score

0.001EPSS

2024-03-26 11:32 AM
5
ubuntucve
ubuntucve

CVE-2024-26645

In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...

7.7AI Score

0.0004EPSS

2024-03-26 12:00 AM
12
osv
osv

Important: libreoffice security fix update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.8CVSS

6.9AI Score

0.001EPSS

2024-03-26 12:00 AM
7
nessus
nessus

RHEL 8 : libreoffice (RHSA-2024:1514)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1514 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...

8.8CVSS

9.1AI Score

0.001EPSS

2024-03-26 12:00 AM
6
almalinux
almalinux

Important: libreoffice security fix update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.8CVSS

7.5AI Score

0.001EPSS

2024-03-26 12:00 AM
7
nessus
nessus

RHEL 8 : libreoffice (RHSA-2024:1513)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1513 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...

8.8CVSS

9.2AI Score

0.001EPSS

2024-03-26 12:00 AM
7
nessus
nessus

RHEL 8 : libreoffice (RHSA-2024:1512)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1512 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...

8.8CVSS

9.1AI Score

0.001EPSS

2024-03-26 12:00 AM
6
openvas
openvas

Ubuntu: Security Advisory (USN-6716-1)

The remote host is missing an update for...

7.8CVSS

7.1AI Score

0.003EPSS

2024-03-26 12:00 AM
7
nvidia
nvidia

Security Bulletin: NVIDIA ChatRTX - March 2024

NVIDIA has released a software update for NVIDIA® ChatRTX. To protect your system, download and install this software update from the ChatRTX Download page. Go to NVIDIA Product Security. Details This section provides a summary of potential vulnerabilities that this security update addresses and...

8.2CVSS

8AI Score

0.0004EPSS

2024-03-26 12:00 AM
13
osv
osv

linux-azure, linux-azure-5.4 vulnerabilities

Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system.....

7.8CVSS

8AI Score

0.003EPSS

2024-03-25 11:59 PM
6
Total number of security vulnerabilities18770