BD Pyxis™ ParAssist Security Vulnerabilities
Summary IBM® SDK Java™ Technology Edition and IBM® Runtime Environment Java™ used by IBM i are vulnerable to a remote attacker causing a low integrity impact due to an unspecified vulnerability in the libraries component as described in the vulnerability details section. The vulnerability is fixed....
6.4AI Score
0.001EPSS
RenderDoc: Multiple Vulnerabilities
Background RenderDoc is a free MIT licensed stand-alone graphics debugger that allows quick and easy single-frame capture and detailed introspection of any application using Vulkan, D3D11, OpenGL & OpenGL ES or D3D12 across Windows, Linux, Android, or Nintendo Switch™. Description Multiple...
7.5AI Score
0.003EPSS
Microsoft named a Leader in 2023 Gartner® Magic Quadrant™ for Access Management for the 7th year
Protecting identity from compromise is top of mind for security professionals as identity attacks continue to intensify. Earlier this year we reported that we had observed a nearly three-fold increase in password attacks per second in the last two years, from 579 in 2021 to 4,000 in 2023.1...
7.1AI Score
Microsoft named a Leader in 2023 Gartner® Magic Quadrant™ for Access Management for the 7th year
Protecting identity from compromise is top of mind for security professionals as identity attacks continue to intensify. Earlier this year we reported that we had observed a nearly three-fold increase in password attacks per second in the last two years, from 579 in 2021 to 4,000 in 2023.1...
7.2AI Score
Intel Optane™ SSD Firmware November 2023 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® Optane™ SSD and some Intel® Optane™ SSD DC products, which might allow escalation of privilege, information disclosure or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. .....
7.4AI Score
0.001EPSS
AMD Ryzen Master™ SDK August 2023 Security Update
AMD has informed HP of potential security vulnerabilities identified in the AMD® Ryzen Master™ SDK, which might allow arbitrary code execution, denial of service, or information disclosure. AMD has released software updates to mitigate the potential vulnerabilities. AMD has released updates to...
7.5AI Score
0.0004EPSS
container-tools:ol8 security and bug fix update
aardvark-dns [2:1.7.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.7.0 - Related: #2176055 [2:1.6.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.6.0 - Related: #2176055 buildah [1:1.31.3-1] - update to...
8.8AI Score
0.02EPSS
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server...
7.5AI Score
0.001EPSS
Decoding the Term: Deciphering the Significance of Multi-Homing? The term multi-homing, in the realm of computer networking, finds itself surrounded by considerable confusion owing to its multifaceted technical nuances. Nevertheless, it stands as a pillar of network security and dependability....
7.2AI Score
Summary There are vulnerabilities in IBM® Java™ Version 8, IBM WebSphere Application Server Liberty and IBM® Global Security Kit (GSKit) used by IBM Planning Analytics and IBM Planning Analytics Workspace. IBM Planning Analytics 2.0.9.19 and IBM Planning Analytics Workspace 2.0.91 have addressed...
9.5AI Score
0.034EPSS
What is a Network Management Station (NMS) ?
The Bedrock of the Network Coordination Hub (NCH) Delving into the substantial domain of digital networks, the Network Coordination Hub (NCH) is unveiled as a critical component ensuring fluid network operations. Let us unravel this concept - an NCH signifies a control console employed for...
7.2AI Score
What Is Microservices Architecture
Mastering the Essential Elements of Services-Focused Programming The methodology of programming using tiny, interdependent software units, often simplified to 'Microservices', has seen a marked uptick in usage in recent times. This distinct architectural paradigm shapes an application as a group...
7.9AI Score
Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: from 4.3.0.0 before 4.3.0.203 from 4.3.1.0 before 4.3.1.163 * from 4.4.0.0 before 4.4.0.217 * from 4.5.0.0 before...
7.1CVSS
7.4AI Score
0.0004EPSS
Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: from 4.3.0.0 before 4.3.0.203 from 4.3.1.0 before 4.3.1.163 * from 4.4.0.0 before 4.4.0.217 * from 4.5.0.0 before...
7.1CVSS
7.2AI Score
0.0004EPSS
Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: from 4.3.0.0 before 4.3.0.203 from 4.3.1.0 before 4.3.1.163 * from 4.4.0.0 before 4.4.0.217 * from 4.5.0.0 before...
7AI Score
0.0004EPSS
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server...
5.6AI Score
0.001EPSS
Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of...
7.5CVSS
7.3AI Score
0.0005EPSS
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code...
9.8CVSS
8AI Score
0.001EPSS
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory...
6.5CVSS
7.3AI Score
0.0005EPSS
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of...
5.7CVSS
5.3AI Score
0.0005EPSS
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code...
6.7CVSS
7.7AI Score
0.0004EPSS
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in...
7.5CVSS
5.4AI Score
0.001EPSS
A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest...
3.3CVSS
7.2AI Score
0.0004EPSS
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory...
7.5CVSS
5.3AI Score
0.0005EPSS
Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of...
4.6CVSS
5.1AI Score
0.001EPSS
Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code...
6.7CVSS
7.7AI Score
0.0004EPSS
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege...
8.1CVSS
7.5AI Score
0.001EPSS
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code...
9.8CVSS
7.8AI Score
0.001EPSS
SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory...
5.3CVSS
7.4AI Score
0.0005EPSS
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in...
7.5CVSS
7.3AI Score
0.001EPSS
Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of...
4.9CVSS
7.1AI Score
0.0004EPSS
Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of...
5.5CVSS
7.1AI Score
0.0004EPSS
Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of...
5.5CVSS
7.3AI Score
0.0004EPSS
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and...
6.1CVSS
7.2AI Score
0.0004EPSS
Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code...
9.8CVSS
7.4AI Score
0.013EPSS
AMD Server Vulnerabilities – Nov 2023
Bulletin ID: AMD-SB-3002 Potential Impact:Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in the AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted...
9.8CVSS
8.7AI Score
0.013EPSS
Intel® RealSense™ Dynamic Calibration Software Advisory
Summary: A potential security vulnerability in some Intel® RealSense™ Dynamic Calibration software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-29504 Description: Uncontrolled search path...
7.2AI Score
Intel® OpenVINO™ Software Advisory
Summary: Potential security vulnerabilities in some Intel® OpenVINO™ software may allow denial of service, information disclosure. Intel is releasing sotfware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-25080 Description: Protection mechanism...
7.3AI Score
Intel® Core™ Processors with Radeon™ RX Vega M Graphics Advisory
Summary: Potential security vulnerabilities in some Intel® Core™ processors with Radeon™ RX Vega M integrated graphics may allow escalation of privilege, denial of service or information disclosure. Intel and AMD are releasing driver updates to mitigate these potential vulnerabilities....
8AI Score
Intel® Unison™ Software Advisory
Summary: Potential security vulnerabilities in some Intel® Unison™ software may allow escalation of privilege, information disclosure or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-36860 Description:...
7.9AI Score
AMD INVD Instruction Security Notice
Bulletin ID: AMD-SB-3005 Potential Impact: Memory integrity Severity:Medium Summary External researchers reported a potential vulnerability with the INVD instruction that may lead to a loss of SEV-ES and SEV-SNP guest virtual machine (VM) memory integrity. CVE Details Refer to Glossary for...
6.5CVSS
7.3AI Score
0.0005EPSS
2023.4 IPU - Intel® Processor Advisory
Summary: A potential security vulnerability in some Intel® Processors may allow escalation of privilege and/or information disclosure and/or denial of service via local access. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID:...
7.2AI Score
Intel® Arc™ RGB Controller Software Advisory
Summary: A potential security vulnerability in some Intel® Arc™ RGB Controller software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-32638 Description: Incorrect default permissions in some...
7.2AI Score
Intel® Optane™ SSD and Intel® Optane™ SSD DC Firmware Advisory
Summary: Potential security vulnerabilities in some Intel® Optane™ SSD and some Intel® Optane™ SSD DC products may allow escalation of privilege, information disclosure or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details:...
7.8AI Score
Summary: Summary: Potential security vulnerabilities in some Intel® NUC Software may allow escalation of privilege, denial of service, and information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-28737...
8.7AI Score
Summary: Potential security vulnerabilities in the BIOS firmware for some Intel® Processors may allow escalation of privilege or denial of service. Intel is releasing BIOS updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-25756 Description: Out-of-bounds...
7.8AI Score
AMD Graphics Driver Vulnerabilities – November 2023
Bulletin ID: AMD-SB-6003 Potential Impact: Varies by CVE, see descriptions below Severity:Varies by CVE, see descriptions below Summary AMD received reports of vulnerabilities potentially affecting some AMD Graphics products. Refer to the CVE Details section for information about each CVE. CVE...
7.5CVSS
8AI Score
0.0005EPSS
AMD SMM Supervisor Vulnerability Security Notice
Bulletin ID: AMD-SB-7011 Potential Impact: Loss of confidentiality, integrity, and availability Severity:High Summary External researchers reported a potential vulnerability during SMM Supervisor initialization which may impact some AMD processors. On systems that do not have Supervisor Mode...
9.8CVSS
9.9AI Score
0.001EPSS