Lucene search

K

Athlon™ X4 Processor Security Vulnerabilities

nvd
nvd

CVE-2024-1598

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

7.5CVSS

7.8AI Score

0.0004EPSS

2024-05-14 04:15 PM
nvd
nvd

CVE-2024-0762

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

7.5CVSS

7.8AI Score

0.0004EPSS

2024-05-14 04:15 PM
1
vulnrichment
vulnrichment

CVE-2024-1598 Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-05-14 02:56 PM
cvelist
cvelist

CVE-2024-1598 Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

7.5CVSS

8AI Score

0.0004EPSS

2024-05-14 02:56 PM
vulnrichment
vulnrichment

CVE-2024-0762 Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

7.5CVSS

7.5AI Score

0.0004EPSS

2024-05-14 02:56 PM
cvelist
cvelist

CVE-2024-0762 Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

7.5CVSS

8AI Score

0.0004EPSS

2024-05-14 02:56 PM
githubexploit
githubexploit

Exploit for CVE-2024-27804

CVE-2024-27804 bash ./build.sh ./panic.sh ```bash...

7.2AI Score

0.0004EPSS

2024-05-14 02:17 PM
246
nvd
nvd

CVE-2022-32506

An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash...

6.6AI Score

EPSS

2024-05-14 10:43 AM
1
osv
osv

BIT-elasticsearch-2024-23449

An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with...

4.3CVSS

7AI Score

0.0004EPSS

2024-05-14 07:17 AM
7
freebsd
freebsd

Intel CPUs -- multiple vulnerabilities

Intel reports: Potential security vulnerabilities in some Intel Trust Domain Extensions (TDX) module software may allow escalation of privilege. Improper input validation in some Intel TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable...

7.9CVSS

7.3AI Score

0.0004EPSS

2024-05-14 12:00 AM
4
hp
hp

Intel Arc™ & Iris® Xe Graphics Software May 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Arc™ & Iris® Xe Graphics software which may allow escalation of privilege. Intel is releasing updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...

7.8CVSS

7.4AI Score

0.0004EPSS

2024-05-14 12:00 AM
7
nessus
nessus

Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-6767-2)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6767-2 advisory. In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able to crash the...

7.8CVSS

8AI Score

0.0004EPSS

2024-05-14 12:00 AM
13
mssecure
mssecure

Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management​​

We are pleased to announce that Microsoft has been recognized as a Leader in the Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM).1 We believe our position in the Leaders quadrant validates our vision and continued investments in Microsoft Sentinel making it a...

7AI Score

2024-05-13 04:00 PM
5
rapid7blog
rapid7blog

Rapid7 Recognized in the 2024 Gartner® Magic Quadrant™ for SIEM

Command Your Attack Surface with a next-gen SIEM built for the Cloud First Era Rapid7 is excited to share that we are named a Challenger for InsightIDR in the 2024 Gartner Magic Quadrant for SIEM. In a crowded and constantly changing space, this is our sixth time to be recognized in the report....

7.3AI Score

2024-05-13 03:06 PM
3
ibm
ibm

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2024 CPU

Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server...

5.9CVSS

7.4AI Score

0.001EPSS

2024-05-13 02:27 PM
12
ibm
ibm

Security Bulletin: Multiple vulnerabilities exists in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager.

Summary Multiple vulnerabilities exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2. CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2024-20919, CVE-2024-20926, CVE-2024-20945, CVE-2023-33850 Vulnerability Details....

7.5CVSS

6.9AI Score

0.001EPSS

2024-05-13 11:52 AM
8
nessus
nessus

RHEL 5 : mozilla (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Sandbox escape with improperly separated process types (CVE-2020-12389) Mozilla: Memory safety...

10AI Score

0.924EPSS

2024-05-11 12:00 AM
3
nessus
nessus

RHEL 6 : kernel (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver (CVE-2017-12762) kernel: lack of port...

8.7AI Score

EPSS

2024-05-11 12:00 AM
43
nessus
nessus

RHEL 6 : mozilla (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes (CVE-2020-26970) Mozilla:...

9.7AI Score

0.38EPSS

2024-05-11 12:00 AM
2
ibm
ibm

Security Bulletin: Multiple Vulnerabilities in IBM® Runtime Environment Java™ Technology Edition affects WebSphere eXtreme Scale

Summary There are multiple vulnerabilities in IBM Runtime Environment Java Version 8 used by WebSphere eXtreme Scale. Vulnerability Details ** CVEID: CVE-2024-20952 DESCRIPTION: **An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker to cause...

7.5CVSS

7.3AI Score

0.001EPSS

2024-05-10 06:32 PM
5
rocky
rocky

libreoffice security update

An update is available for libreoffice. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list LibreOffice is an open source, community-developed office productivity...

8.8CVSS

7.2AI Score

0.001EPSS

2024-05-10 02:32 PM
6
osv
osv

Important: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

8.8CVSS

6.7AI Score

0.001EPSS

2024-05-10 02:32 PM
9
ibm
ibm

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2024 Critical Patch Update, plus CVE-2023-38264. For more information please refer to Oracle's April 2024 CPU Advisory and the X-Force database entries...

5.9CVSS

6.4AI Score

0.001EPSS

2024-05-09 07:33 PM
21
ibm
ibm

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Business Developer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM SDK, Java Technology Edition Quarterly CPU - Jan 2024 - Includes...

7.5CVSS

7.4AI Score

0.001EPSS

2024-05-08 07:24 PM
5
ibm
ibm

Security Bulletin: Vulnerability in IBM Java SDK and IBM Java Runtime affects Host On-Demand

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by Host On-Demand. Host On-Demand has addressed the applicable CVE. This issue was disclosed as part of the IBM Semeru Runtime Quarterly CPU - Oct 2023 - Includes OpenJDK October 2023 CPU.....

7.8CVSS

6.2AI Score

0.0004EPSS

2024-05-08 04:16 AM
6
nessus
nessus

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6765-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6765-1 advisory. In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed...

7.8CVSS

7.5AI Score

EPSS

2024-05-07 12:00 AM
6
nessus
nessus

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6766-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6766-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able...

7.8CVSS

7.1AI Score

EPSS

2024-05-07 12:00 AM
18
nessus
nessus

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6767-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6767-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skb_segment() Once again syzbot is able...

7.8CVSS

6.7AI Score

0.0004EPSS

2024-05-07 12:00 AM
23
nvd
nvd

CVE-2023-33119

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor...

8.4CVSS

8.6AI Score

0.001EPSS

2024-05-06 03:15 PM
cve
cve

CVE-2023-33119

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor...

8.4CVSS

7AI Score

0.001EPSS

2024-05-06 03:15 PM
25
vulnrichment
vulnrichment

CVE-2023-33119 Time-of-check Time-of-use (TOCTOU) Race Condition in Hypervisor

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor...

8.4CVSS

7.1AI Score

0.001EPSS

2024-05-06 02:32 PM
cvelist
cvelist

CVE-2023-33119 Time-of-check Time-of-use (TOCTOU) Race Condition in Hypervisor

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor...

8.4CVSS

8.7AI Score

0.001EPSS

2024-05-06 02:32 PM
nessus
nessus

Oracle Linux 9 : kernel (ELSA-2024-2394)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2394 advisory. An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results...

9.8CVSS

8.2AI Score

0.011EPSS

2024-05-06 12:00 AM
8
nessus
nessus

Debian dsa-5681 : affs-modules-5.10.0-29-4kc-malta-di - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5681 advisory. Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an...

8CVSS

8.2AI Score

0.0005EPSS

2024-05-06 12:00 AM
14
gentoo
gentoo

Apache Commons BCEL: Remote Code Execution

Background The Byte Code Engineering Library (Apache Commons BCEL™) is intended to give users a convenient way to analyze, create, and manipulate (binary) Java class files (those ending with .class). Description A vulnerability has been discovered in U-Boot tools. Please review the CVE identifier.....

9.8CVSS

7.4AI Score

0.023EPSS

2024-05-05 12:00 AM
5
kitploit
kitploit

JS-Tap - JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post Exploitation Implant To Monitor Users As They Use The Targeted Application

JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients. Changelogs Major changes are documented in the project Announcements:...

5.9AI Score

2024-05-04 12:30 PM
11
fedora
fedora

[SECURITY] Fedora 38 Update: stalld-1.19.2-1.fc38

The stalld program monitors the set of system threads, looking for threads that are ready-to-run but have not been given processor time for some threshold period. When a starving thread is found, it is given a temporary boost using the SCHED_DEADLINE policy. The default is to allow 10 microseconds....

7.3AI Score

2024-05-04 02:20 AM
3
fedora
fedora

[SECURITY] Fedora 39 Update: stalld-1.19.2-1.fc39

The stalld program monitors the set of system threads, looking for threads that are ready-to-run but have not been given processor time for some threshold period. When a starving thread is found, it is given a temporary boost using the SCHED_DEADLINE policy. The default is to allow 10 microseconds....

7.3AI Score

2024-05-04 01:33 AM
3
fedora
fedora

[SECURITY] Fedora 40 Update: stalld-1.19.2-1.fc40

The stalld program monitors the set of system threads, looking for threads that are ready-to-run but have not been given processor time for some threshold period. When a starving thread is found, it is given a temporary boost using the SCHED_DEADLINE policy. The default is to allow 10 microseconds....

7.3AI Score

2024-05-04 01:23 AM
4
nessus
nessus

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1490-1)

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1490-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of...

7.8CVSS

7.6AI Score

EPSS

2024-05-04 12:00 AM
8
mssecure
mssecure

Security above all else—expanding Microsoft’s Secure Future Initiative

Last November, we launched the Secure Future Initiative (SFI) to prepare for the increasing scale and high stakes of cyberattacks. SFI brings together every part of Microsoft to advance cybersecurity protection across our company and products. Since then, the threat landscape has continued to...

7.8AI Score

2024-05-03 02:55 PM
4
Total number of security vulnerabilities18699