(RHSA-2023:6269) Important: cert-manager Operator for Red Hat OpenShift 1.12.1
The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide certificates-as-a-service to developers working within your Kubernetes cluster....
9.1AI Score
0.732EPSS
(RHSA-2023:6845) Important: OpenShift Container Platform 4.13.22 security and extras update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.22. See the following advisory for the container...
8.1AI Score
0.732EPSS
Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: from 4.3.0.0 before 4.3.0.203; from 4.3.1.0 before 4.3.1.163; from 4.4.0.0 before 4.4.0.217; from 4.5.0.0 before...
8.4CVSS
6.9AI Score
0.0004EPSS
Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: from 4.3.0.0 before 4.3.0.203; from 4.3.1.0 before 4.3.1.163; from 4.4.0.0 before 4.4.0.217; from 4.5.0.0 before...
7.1CVSS
0.0004EPSS
Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: from 4.3.0.0 before 4.3.0.203; from 4.3.1.0 before 4.3.1.163; from 4.4.0.0 before 4.4.0.217; from 4.5.0.0 before...
7.1CVSS
7.2AI Score
0.0004EPSS
(RHSA-2023:7215) Important: Red Hat OpenShift Service Mesh Containers for 2.2.12
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack)...
8AI Score
0.732EPSS
Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2023-433)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-433 advisory. Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.57. (CVE-2023-31122) An attacker, opening a HTTP/2 connection with...
7.5CVSS
7.3AI Score
0.732EPSS
Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: from 4.3.0.0 before 4.3.0.203; from 4.3.1.0 before 4.3.1.163; from 4.4.0.0 before 4.4.0.217; from 4.5.0.0 before...
8.4CVSS
8.6AI Score
0.0004EPSS
Microsoft is addressing 64 vulnerabilities this November Patch Tuesday, including five zero-day vulnerabilities as well as one critical remote code execution (RCE) vulnerability. Overall, this month sees significantly fewer vulnerabilities addressed across a smaller number of products than has...
9.8CVSS
10AI Score
0.732EPSS
Summary There are multiple vulnerabilities in the IBM® SDK, Java™ Technology Edition that is shipped with IBM WebSphere Application Server and IBM WebSphere Application Server Liberty. The CVE(s) listed in this document might affect some configurations of IBM WebSphere Application Server...
3.7CVSS
5.6AI Score
0.001EPSS
Microsoft and Adobe Patch Tuesday, November 2023 Security Update Review
Microsoft released its second last Patch Tuesday edition of the year. We invite you to join us to review and discuss the details of these security updates and patches. Microsoft Patch Tuesday for November 2023 In this month's Patch Tuesday edition, Microsoft has addressed a total of 75...
9.8CVSS
9.8AI Score
0.57EPSS
Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
0.0004EPSS
Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.7AI Score
0.0004EPSS
Improper input validation in the AMD Radeon™ Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of...
7.5CVSS
7.3AI Score
0.0005EPSS
Improper input validation in the SMM Supervisor may allow an attacker with a compromised SMI handler to gain Ring0 access potentially leading to arbitrary code...
9.8CVSS
9.6AI Score
0.001EPSS
Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU leading to a potential loss of guest virtual machine (VM) memory...
6.5CVSS
6.5AI Score
0.0005EPSS
TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of...
5.7CVSS
6.1AI Score
0.0005EPSS
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local...
7.8CVSS
8.7AI Score
0.0004EPSS
Improper signature verification of Radeon™ RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code...
6.7CVSS
7AI Score
0.0004EPSS
Improper signature verification of Radeon™ RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code...
6.7CVSS
0.0004EPSS
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in...
7.5CVSS
7.5AI Score
0.001EPSS
A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest...
3.3CVSS
6.2AI Score
0.0004EPSS
Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory...
7.5CVSS
7.1AI Score
0.0005EPSS
Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of...
4.6CVSS
5.9AI Score
0.001EPSS
Improper signature verification of Radeon™ RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code...
6.7CVSS
7AI Score
0.0004EPSS
Improper signature verification of Radeon™ RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code...
6.7CVSS
0.0004EPSS
A race condition in System Management Mode (SMM) code may allow an attacker using a compromised user space to leverage CVE-2018-8897 potentially resulting in privilege...
8.1CVSS
6.8AI Score
0.001EPSS
Insufficient protections in System Management Mode (SMM) code may allow an attacker to potentially enable escalation of privilege via local...
7.8CVSS
8.7AI Score
0.0004EPSS
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code...
9.8CVSS
9.5AI Score
0.001EPSS
SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory...
5.3CVSS
6.3AI Score
0.0005EPSS
Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in...
7.5CVSS
7.8AI Score
0.001EPSS
Failure to validate the value in APCB may allow a privileged attacker to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of...
4.9CVSS
6.1AI Score
0.0004EPSS
Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of...
5.5CVSS
6.1AI Score
0.0004EPSS
Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of...
5.5CVSS
5.9AI Score
0.0004EPSS
Insufficient validation of SPI flash addresses in the ASP (AMD Secure Processor) bootloader may allow an attacker to read data in memory mapped beyond SPI flash resulting in a potential loss of availability and...
6.1CVSS
6.6AI Score
0.0004EPSS
Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code...
9.8CVSS
8.5AI Score
0.013EPSS
Improper signature verification of Radeon™ RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code...
6.7CVSS
7.9AI Score
0.0004EPSS
Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local...
7.8CVSS
7.2AI Score
0.0004EPSS
Improper signature verification of Radeon™ RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code...
6.7CVSS
7.9AI Score
0.0004EPSS
Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local...
6.7CVSS
8AI Score
0.0004EPSS
Improper signature verification of Radeon™ RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code...
7.2AI Score
0.0004EPSS
Improper signature verification of Radeon™ RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code...
7.2AI Score
0.0004EPSS
(RHSA-2023:7205) Important: nodejs:20 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) nodejs: permission model...
7.6AI Score
EPSS
Weston Embedded uC-HTTP HTTP Server buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1726 Weston Embedded uC-HTTP HTTP Server buffer overflow vulnerability November 14, 2023 CVE Number CVE-2023-25181 SUMMARY A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially...
9.8CVSS
7.8AI Score
0.001EPSS
Intel® RealSense™ Dynamic Calibration Software Advisory
Summary: A potential security vulnerability in some Intel® RealSense™ Dynamic Calibration software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2023-29504 Description: Uncontrolled search path...
7.2AI Score
0.001EPSS
Important: nodejs:20 security update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) nodejs: permission model...
9.8CVSS
6.9AI Score
EPSS
AMD Server Vulnerabilities – Nov 2023
Bulletin ID: AMD-SB-3002 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in the AMD Secure Processor (ASP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV), AMD Secure Encrypted...
9.8CVSS
8.7AI Score
0.013EPSS
Intel® OpenVINO™ Software Advisory
Summary: Potential security vulnerabilities in some Intel® OpenVINO™ software may allow denial of service, information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-25080 Description: Protection mechanism...
7.3AI Score
0.001EPSS
Intel® Unison™ Software Advisory
Summary: Potential security vulnerabilities in some Intel® Unison™ software may allow escalation of privilege, information disclosure or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-36860 Description:...
7.9AI Score
0.001EPSS
AMD INVD Instruction Security Notice
Bulletin ID: AMD-SB-3005 Potential Impact: Memory integrity Severity: Medium Summary External researchers reported a potential vulnerability with the INVD instruction that may lead to a loss of SEV-ES and SEV-SNP guest virtual machine (VM) memory integrity. CVE Details Refer to Glossary for...
6.5CVSS
7.3AI Score
0.0005EPSS