Lucene search

K

Athlon™ X4 Processor Security Vulnerabilities

trendmicroblog
trendmicroblog

Worldwide 2023 Email Phishing Statistics and Examples

Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in...

7.4AI Score

2024-06-20 12:00 AM
1
trendmicroblog
trendmicroblog

Worldwide 2023 Email Phishing Statistics and Examples

Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in...

7.4AI Score

2024-06-20 12:00 AM
1
ibm
ibm

Security Bulletin: Vulnerabilities in IBM Java affect IBM SAN Volume Controller, IBM Storwize, IBM Storage Virtualize and IBM FlashSystem products

Summary Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects the product's management GUI. The Command Line Interface is unaffected. CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850. Vulnerability Details **...

7.5CVSS

6.9AI Score

0.001EPSS

2024-06-19 03:28 PM
9
cve
cve

CVE-2024-38594

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: move the EST lock to struct stmmac_priv Reinitialize the whole EST structure would also reset the mutex lock which is embedded in the EST structure, and then trigger the following warning. To address this, move the...

6.5AI Score

0.0004EPSS

2024-06-19 02:15 PM
22
nvd
nvd

CVE-2024-38594

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: move the EST lock to struct stmmac_priv Reinitialize the whole EST structure would also reset the mutex lock which is embedded in the EST structure, and then trigger the following warning. To address this, move the...

0.0004EPSS

2024-06-19 02:15 PM
1
debiancve
debiancve

CVE-2024-38594

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: move the EST lock to struct stmmac_priv Reinitialize the whole EST structure would also reset the mutex lock which is embedded in the EST structure, and then trigger the following warning. To address this, move the...

7AI Score

0.0004EPSS

2024-06-19 02:15 PM
1
cvelist
cvelist

CVE-2024-38594 net: stmmac: move the EST lock to struct stmmac_priv

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: move the EST lock to struct stmmac_priv Reinitialize the whole EST structure would also reset the mutex lock which is embedded in the EST structure, and then trigger the following warning. To address this, move the...

0.0004EPSS

2024-06-19 01:45 PM
2
cve
cve

CVE-2022-23829

A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 (kernel mode) access to bypass the native System Management Mode (SMM) ROM...

8.2CVSS

6.8AI Score

0.0004EPSS

2024-06-18 07:15 PM
25
oraclelinux
oraclelinux

glibc security update

[2.17-326.0.6.3] - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi Oracle history: April-28-2023 Cupertino Miranda - 2.17-326.0.6 - OraBug 35338741 Glibc tunable to disable huge pages on pthread_create stacks Reviewed-by: Jose E. Marchesi February-22-2023...

7.7AI Score

0.0005EPSS

2024-06-18 12:00 AM
5
nessus
nessus

Oracle Linux 7 : glibc (ELSA-2024-12442)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12442 advisory. - Forward-port Oracle patches to 2.17-326.3 Reviewed-by: Jose E. Marchesi <[email protected]> Oracle history: April-28-2023...

9.8CVSS

10AI Score

0.009EPSS

2024-06-18 12:00 AM
3
rocky
rocky

libreoffice security update

An update is available for libreoffice. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...

8.8CVSS

7.2AI Score

0.001EPSS

2024-06-14 02:00 PM
2
osv
osv

Important: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.8CVSS

7.4AI Score

0.001EPSS

2024-06-14 02:00 PM
8
redhatcve
redhatcve

CVE-2024-36965

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size that is defined in the....

7AI Score

0.0004EPSS

2024-06-14 04:12 AM
1
redhatcve
redhatcve

CVE-2023-47855

A flaw was found in intel-microcode. Improper input validation in some Intel® TDX module software may allow a privileged user to enable escalation of privileges via local access. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat.....

6CVSS

5.9AI Score

0.0004EPSS

2024-06-14 01:42 AM
2
redhatcve
redhatcve

CVE-2023-46103

A flaw was found in intel-microcode. The sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra processors that may allow an authenticated user to enable a denial of service via local access. Mitigation Mitigation for this issue is either not available or the...

4.7CVSS

4.4AI Score

0.0004EPSS

2024-06-14 01:42 AM
1
redhatcve
redhatcve

CVE-2023-45745

A flaw was found in intel-microcode. Improper input validation in some Intel(R) TDX module software may allow a privileged user to enable escalation of privilege via local access. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat....

7.9CVSS

7.6AI Score

0.0004EPSS

2024-06-14 01:12 AM
2
redhatcve
redhatcve

CVE-2023-45733

A flaw was found in intel-microcode. The hardware logic contains race conditions in some Intel(R) processors that may allow an authenticated user to enable partial information disclosure via local access. Mitigation Mitigation for this issue is either not available or the currently available...

2.8CVSS

3.2AI Score

0.0004EPSS

2024-06-14 01:12 AM
2
nvd
nvd

CVE-2024-32504

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write...

8.4CVSS

0.0004EPSS

2024-06-13 05:15 PM
3
cve
cve

CVE-2024-32504

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write...

8.4CVSS

8.4AI Score

0.0004EPSS

2024-06-13 05:15 PM
21
cve
cve

CVE-2024-31956

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds...

8.4CVSS

8.5AI Score

0.0004EPSS

2024-06-13 05:15 PM
23
nvd
nvd

CVE-2024-31956

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds...

8.4CVSS

0.0004EPSS

2024-06-13 05:15 PM
4
redhatcve
redhatcve

CVE-2023-52750

In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly byte-swap NOP when compiling for big-endian, and the resulting series of bytes happened to...

7.2AI Score

0.0004EPSS

2024-06-13 11:47 AM
5
talosblog
talosblog

Operation Celestial Force employs mobile and desktop malware to target Indian entities

By Gi7w0rm, Asheer Malhotra and Vitor Ventura. Cisco Talos is disclosing a new malware campaign called "Operation Celestial Force" running since at least 2018. It is still active today, employing the use of GravityRAT, an Android-based malware, along with a Windows-based malware loader we track...

7.2AI Score

2024-06-13 10:00 AM
2
cvelist
cvelist

CVE-2024-32504

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write...

8.4CVSS

0.0004EPSS

2024-06-13 12:00 AM
1
vulnrichment
vulnrichment

CVE-2024-32504

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write...

8.4CVSS

6.9AI Score

0.0004EPSS

2024-06-13 12:00 AM
3
vulnrichment
vulnrichment

CVE-2024-31956

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds...

8.4CVSS

7.1AI Score

0.0004EPSS

2024-06-13 12:00 AM
2
cvelist
cvelist

CVE-2024-31956

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds...

8.4CVSS

0.0004EPSS

2024-06-13 12:00 AM
1
nessus
nessus

RHEL 9 : libreoffice (RHSA-2024:3835)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3835 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word...

8.8CVSS

9.3AI Score

0.001EPSS

2024-06-12 12:00 AM
1
ibm
ibm

Security Bulletin: IBM® Db2® is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables. (CVE-2023-29267)

Summary IBM® Db2® is vulnerable to a denial of service as a trap may occur when selecting from certain types of tables. Vulnerability Details ** CVEID: CVE-2023-29267 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as a trap...

5.3CVSS

6.7AI Score

0.0004EPSS

2024-06-11 07:48 PM
4
talosblog
talosblog

Only one critical issue disclosed as part of Microsoft Patch Tuesday

Microsoft released its monthly security update Tuesday, disclosing 49 vulnerabilities across its suite of products and software. Of those there is only one critical vulnerability. Every other security issues disclosed this month is considered "important." The lone critical security issue is...

9.8CVSS

9.8AI Score

0.003EPSS

2024-06-11 05:46 PM
73
ibm
ibm

Security Bulletin: IBM® Db2® is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables. (CVE-2024-31881)

Summary IBM® Db2® is vulnerable to a denial of service as the server may crash when using a specially crafted query on certain columnar tables by an authenticated user. Vulnerability Details ** CVEID: CVE-2024-31881 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server)...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-11 05:41 PM
4
ibm
ibm

Security Bulletin: IBM® Db2® is vulnerable to a denial of service as the server may crash when using a specially crafted statement. (CVE-2024-31880)

Summary IBM® Db2® is vulnerable to a denial of service, under specific configurations, as the server may crash when using a specially crafted SQL statement by an authenticated user. Vulnerability Details ** CVEID: CVE-2024-31880 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes Db2...

7AI Score

EPSS

2024-06-11 05:40 PM
6
ibm
ibm

Security Bulletin: IBM® Db2® federated server is affected by vulnerabilities in the open source commons-configuration2 library. (CVE-2024-29131, CVE-2024-29133)

Summary IBM® Db2® federated server is affected by vulnerabilities in the open source commons-configuration2 library when using the NoSQL Hadoop wrapper. Vulnerability Details ** CVEID: CVE-2024-29131 DESCRIPTION: **Apache Commons Configuration could allow a remote attacker to execute arbitrary...

7.7AI Score

0.0004EPSS

2024-06-11 05:39 PM
2
ibm
ibm

Security Bulletin: IBM® Db2® NSE (Net Search Extender) is affected by a vulnerability in the open source Expat library. (CVE-2024-28757)

Summary IBM® Db2® NSE (Net Search Extender) is affected by a vulnerability in the open source Expat library. Vulnerability Details ** CVEID: CVE-2024-28757 DESCRIPTION: **libexpat could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity...

6.1AI Score

0.0004EPSS

2024-06-11 05:31 PM
2
ibm
ibm

Security Bulletin: IBM® Db2® is vulnerable to a denial of service with a specially crafted query under certain conditions. (CVE-2024-28762)

Summary IBM® Db2® is vulnerable to a denial of service with a specially crafted query under certain conditions. Vulnerability Details ** CVEID: CVE-2024-28762 DESCRIPTION: **IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) is vulnerable to denial of service with a specially...

5.3CVSS

6.5AI Score

0.0004EPSS

2024-06-11 05:30 PM
4
ibm
ibm

Security Bulletin: IBM® Db2® is affected by a vulnerability in the open source zlib library. (CVE-2023-45853)

Summary IBM® Db2® is affected by a vulnerability in the open source zlib library. Vulnerability Details ** CVEID: CVE-2023-45853 DESCRIPTION: **MiniZip is vulnerable to a denial of service, caused by an integer overflow and resultant heap-based buffer overflow in the zipOpenNewFileInZip4_64...

9.8CVSS

7.2AI Score

0.001EPSS

2024-06-11 05:24 PM
5
thn
thn

Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale

Cybersecurity researchers have shed more light on a Chinese actor codenamed SecShow that has been observed conducting Domain Name System (DNS) on a global scale since at least June 2023. The adversary, according to Infoblox security researchers Dr. Renée Burton and Dave Mitchell, operates from the....

9.8CVSS

6.7AI Score

0.957EPSS

2024-06-11 02:32 PM
6
almalinux
almalinux

Important: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.8CVSS

9AI Score

0.001EPSS

2024-06-11 12:00 AM
2
osv
osv

Important: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.8CVSS

7AI Score

0.001EPSS

2024-06-11 12:00 AM
amd
amd

SPI Lock Bypass

Bulletin ID: AMD-SB-1041 Potential Impact: System Integrity Severity:High Summary Potential weaknesses in AMD’s SPI protection features may allow an attacker to bypass the native System Management Mode (SMM) ROM protections. CVE Details CVE-2022-23829 A potential weakness in AMD SPI protection...

8.2CVSS

7AI Score

0.0004EPSS

2024-06-11 12:00 AM
2
cve
cve

CVE-2024-36965

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size that is defined in the....

6.7AI Score

0.0004EPSS

2024-06-08 01:15 PM
22
debiancve
debiancve

CVE-2024-36965

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size that is defined in...

6.7AI Score

0.0004EPSS

2024-06-08 01:15 PM
1
nvd
nvd

CVE-2024-36965

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size that is defined in the....

0.0004EPSS

2024-06-08 01:15 PM
cvelist
cvelist

CVE-2024-36965 remoteproc: mediatek: Make sure IPI buffer fits in L2TCM

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size that is defined in the....

0.0004EPSS

2024-06-08 12:52 PM
5
kitploit
kitploit

Sttr - Cross-Platform, Cli App To Perform Various Operations On String

sttr is command line software that allows you to quickly run various transformation operations on the string. // With input prompt sttr // Direct input sttr md5 "Hello World" // File input sttr md5 file.text sttr base64-encode image.jpg // Reading from different processor like cat,...

7.4AI Score

2024-06-08 12:30 PM
11
ubuntucve
ubuntucve

CVE-2024-36965

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the System Companion Processor, and it's not granted that both the SRAM (L2TCM) size that is defined in the....

7.2AI Score

0.0004EPSS

2024-06-08 12:00 AM
1
nvd
nvd

CVE-2024-31958

An issue was discovered in Samsung Mobile Processor EExynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in an Out-of-Bounds...

6.8CVSS

0.0004EPSS

2024-06-07 05:15 PM
4
cve
cve

CVE-2024-31958

An issue was discovered in Samsung Mobile Processor EExynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in an Out-of-Bounds...

6.8CVSS

6.6AI Score

0.0004EPSS

2024-06-07 05:15 PM
21
cve
cve

CVE-2024-31959

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in code...

8.4CVSS

8.6AI Score

0.0004EPSS

2024-06-07 05:15 PM
22
nvd
nvd

CVE-2024-31959

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in code...

8.4CVSS

0.0004EPSS

2024-06-07 05:15 PM
3
Total number of security vulnerabilities18770