Lucene search

K

Ryzen™ 3000 Series Desktop Processors Security Vulnerabilities

securelist
securelist

Trusted relationship attacks: trust, but verify

IT outsourcing market continues to demonstrate strong growth globally – such services are becoming increasingly popular. But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. By providing third-party...

7.8AI Score

2024-05-28 10:00 AM
14
talos
talos

AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability

Talos Vulnerability Report TALOS-2024-1942 AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability May 28, 2024 CVE Number CVE-2024-21785 SUMMARY A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E...

9.8CVSS

7.8AI Score

0.001EPSS

2024-05-28 12:00 AM
4
talos
talos

AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Read-What-Where vulnerability

Talos Vulnerability Report TALOS-2024-1941 AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Read-What-Where vulnerability May 28, 2024 CVE Number CVE-2024-23315 SUMMARY A read-what-where vulnerability exists in the Programming Software Connection IMM 01A1 Memory...

7.5CVSS

7AI Score

0.001EPSS

2024-05-28 12:00 AM
4
talos
talos

AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Write-What-Where vulnerability

Talos Vulnerability Report TALOS-2024-1940 AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Write-What-Where vulnerability May 28, 2024 CVE Number CVE-2024-22187 SUMMARY A write-what-where vulnerability exists in the Programming Software Connection Remote Memory...

9.1CVSS

7.6AI Score

0.001EPSS

2024-05-28 12:00 AM
1
talos
talos

Foxit Reader Updater improper certificate validation privilege escalation vulnerability

Talos Vulnerability Report TALOS-2024-1989 Foxit Reader Updater improper certificate validation privilege escalation vulnerability May 28, 2024 CVE Number CVE-2024-29072 SUMMARY A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to improper....

8.2CVSS

7.6AI Score

0.0004EPSS

2024-05-28 12:00 AM
1
talos
talos

AutomationDirect P3-550E Programming Software Connection FileSelect stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1939 AutomationDirect P3-550E Programming Software Connection FileSelect stack-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24963,CVE-2024-24962 SUMMARY A stack-based buffer overflow vulnerability exists in the Programming Software...

9.8CVSS

8AI Score

0.001EPSS

2024-05-28 12:00 AM
4
nessus
nessus

openSUSE 15 Security Update : opera (openSUSE-SU-2024:0142-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0142-1 advisory. - Update to 110.0.5130.39 * DNA-115603 [Rich Hints] Pass trigger source to the Rich Hint * DNA-116680 Import 0-day fix for CVE-2024-5274 -...

9.6CVSS

7AI Score

0.003EPSS

2024-05-28 12:00 AM
packetstorm

7.4AI Score

2024-05-28 12:00 AM
70
openvas
openvas

openSUSE: Security Advisory for opera (openSUSE-SU-2024:0142-1)

The remote host is missing an update for...

9.6CVSS

9.2AI Score

0.003EPSS

2024-05-28 12:00 AM
ubuntu
ubuntu

Linux kernel (Intel IoTG) vulnerabilities

Releases Ubuntu 22.04 LTS Packages linux-intel-iotg - Linux kernel for Intel IoT platforms Details Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically...

7.8CVSS

7.5AI Score

EPSS

2024-05-28 12:00 AM
5
redhatcve
redhatcve

CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....

6.6AI Score

0.0004EPSS

2024-05-27 11:01 AM
4
thn
thn

New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI

Cybersecurity researchers are alerting of phishing campaigns that abuse Cloudflare Workers to serve phishing sites that are used to harvest users' credentials associated with Microsoft, Gmail, Yahoo!, and cPanel Webmail. The attack method, called transparent phishing or adversary-in-the-middle...

7.2AI Score

2024-05-27 09:02 AM
1
openvas
openvas

Fedora: Security Advisory for freerdp (FEDORA-2024-050266dc33)

The remote host is missing an update for...

9.8CVSS

8.8AI Score

0.0004EPSS

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for flatpak (FEDORA-2024-43ea98691e)

The remote host is missing an update for...

8.4CVSS

8.4AI Score

0.0004EPSS

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for freerdp (FEDORA-2024-c702ea0fb1)

The remote host is missing an update for...

9.8CVSS

8.8AI Score

0.0004EPSS

2024-05-27 12:00 AM
2
openvas
openvas

Fedora: Security Advisory for libreoffice (FEDORA-2024-7989718224)

The remote host is missing an update for...

8.8AI Score

0.0004EPSS

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for gnome-shell (FEDORA-2024-635a54eb7e)

The remote host is missing an update for...

7.5AI Score

0.0004EPSS

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for gnome-shell (FEDORA-2024-fd2569c4e9)

The remote host is missing an update for...

7.5AI Score

0.0004EPSS

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for R (FEDORA-2024-07b7b83a4f)

The remote host is missing an update for...

8.8CVSS

8.8AI Score

0.0004EPSS

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for flatpak (FEDORA-2024-c8d21fe399)

The remote host is missing an update for...

8.4CVSS

8.4AI Score

0.0004EPSS

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for R (FEDORA-2024-bc590cb3f1)

The remote host is missing an update for...

8.8CVSS

8.8AI Score

0.0004EPSS

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for freerdp (FEDORA-2024-1b11432d52)

The remote host is missing an update for...

9.8CVSS

8.8AI Score

0.0004EPSS

2024-05-27 12:00 AM
openvas
openvas

Fedora: Security Advisory for freerdp2 (FEDORA-2024-982a7184e0)

The remote host is missing an update for...

9.8CVSS

8.8AI Score

0.0004EPSS

2024-05-27 12:00 AM
1
githubexploit
githubexploit

Exploit for CVE-2023-33733

CVE-2023-33733-POC Disclamer I did not, nor do I take...

7.8CVSS

6.4AI Score

0.001EPSS

2024-05-25 06:47 PM
119
githubexploit
githubexploit

Exploit for CVE-2023-33733

CVE-2023-33733-POC Disclamer I did not, nor do I take...

7.8CVSS

6.4AI Score

0.001EPSS

2024-05-25 06:47 PM
148
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ucode-intel (SUSE-SU-2024:1771-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1771-1 advisory. Intel CPU Microcode was updated to the 20240514 release (bsc#1224277) - CVE-2023-45733: Fixed...

7.9CVSS

7.8AI Score

0.0004EPSS

2024-05-25 12:00 AM
2
debiancve
debiancve

CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To...

6.7AI Score

0.0004EPSS

2024-05-24 03:15 PM
1
nvd
nvd

CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....

6.5AI Score

0.0004EPSS

2024-05-24 03:15 PM
cve
cve

CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....

6.7AI Score

0.0004EPSS

2024-05-24 03:15 PM
24
cvelist
cvelist

CVE-2021-47514 devlink: fix netns refcount leak in devlink_nl_cmd_reload()

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....

6.5AI Score

0.0004EPSS

2024-05-24 03:09 PM
vulnrichment
vulnrichment

CVE-2021-47514 devlink: fix netns refcount leak in devlink_nl_cmd_reload()

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....

6.8AI Score

0.0004EPSS

2024-05-24 03:09 PM
2
fedora
fedora

[SECURITY] Fedora 39 Update: libreoffice-7.6.7.2-1.fc39

LibreOffice is an Open Source, community-developed, office productivity sui te. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites. ...

6.8AI Score

0.0004EPSS

2024-05-24 01:04 AM
2
arista
arista

Security Advisory 0097

Security Advisory 0097 PDF Date: May 24, 2024 Revision | Date | Changes ---|---|--- 1.0 | May 24, 2024 | Initial release The CVE-ID tracking this issue: CVE-2023-52424 CVSSv3.1 Base Score: Not indicated by NVD as of 5/23/2024 Description Arista Networks is providing this security update in...

6AI Score

EPSS

2024-05-24 12:00 AM
5
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1770-1)

The remote host is missing an update for...

7.1AI Score

0.0004EPSS

2024-05-24 12:00 AM
2
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1771-1)

The remote host is missing an update for...

7.9CVSS

7.5AI Score

0.0004EPSS

2024-05-24 12:00 AM
2
openvas
openvas

Ubuntu: Security Advisory (USN-6785-1)

The remote host is missing an update for...

7.2AI Score

EPSS

2024-05-24 12:00 AM
1
ubuntucve
ubuntucve

CVE-2021-47514

In the Linux kernel, the following vulnerability has been resolved: devlink: fix netns refcount leak in devlink_nl_cmd_reload() While preparing my patch series adding netns refcount tracking, I spotted bugs in devlink_nl_cmd_reload() Some error paths forgot to release a refcount on a netns. To fix....

6.6AI Score

0.0004EPSS

2024-05-24 12:00 AM
1
kaspersky
kaspersky

KLA68204 DoS vulnerability in Opera

Type confusion vulnerability was found in Opera. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Opera 110.0.5130.39 Stable update Stable Channel Update for Desktop Exploitation Public exploits exist for this vulnerability. Related products Opera CVE.....

8.8CVSS

6.4AI Score

0.003EPSS

2024-05-24 12:00 AM
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2024:1770-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1770-1 advisory. Update to version 115.11.0 ESR (bsc#1224056): - CVE-2024-4367: Arbitrary JavaScript execution...

8.3AI Score

0.0004EPSS

2024-05-24 12:00 AM
3
krebs
krebs

Stark Industries Solutions: An Iron Hammer in the Cloud

The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government.....

6.8AI Score

2024-05-23 11:32 PM
3
osv
osv

gnome-remote-desktop vulnerability

Matthias Gerstner discovered that GNOME Remote Desktop incorrectly performed certain user validation checks. A local attacker could possibly use this issue to obtain sensitive information, or take control of remote desktop...

6.8AI Score

EPSS

2024-05-23 04:27 PM
2
cve
cve

CVE-2024-35222

Tauri is a framework for building binaries for all major desktop platforms. Remote origin iFrames in Tauri applications can access the Tauri IPC endpoints without being explicitly allowed in the dangerousRemoteDomainIpcAccess in v1 and in the capabilities in v2. Valid commands with potentially...

5.9CVSS

7AI Score

0.0004EPSS

2024-05-23 02:15 PM
54
nvd
nvd

CVE-2024-35222

Tauri is a framework for building binaries for all major desktop platforms. Remote origin iFrames in Tauri applications can access the Tauri IPC endpoints without being explicitly allowed in the dangerousRemoteDomainIpcAccess in v1 and in the capabilities in v2. Valid commands with potentially...

5.9CVSS

5.9AI Score

0.0004EPSS

2024-05-23 02:15 PM
cvelist
cvelist

CVE-2024-35222 iFrames Bypass Origin Checks for Tauri API Access Control

Tauri is a framework for building binaries for all major desktop platforms. Remote origin iFrames in Tauri applications can access the Tauri IPC endpoints without being explicitly allowed in the dangerousRemoteDomainIpcAccess in v1 and in the capabilities in v2. Valid commands with potentially...

5.9CVSS

5.8AI Score

0.0004EPSS

2024-05-23 01:20 PM
kitploit
kitploit

Go-Secdump - Tool To Remotely Dump Secrets From The Windows Registry

Package go-secdump is a tool built to remotely extract hashes from the SAM registry hive as well as LSA secrets and cached hashes from the SECURITY hive without any remote agent and without touching disk. The tool is built on top of the library go-smb and use it to communicate with the Windows...

7.3AI Score

2024-05-23 12:30 PM
13
ics
ics

AutomationDirect Productivity PLCs

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: Productivity PLCs Vulnerabilities: Buffer Access with Incorrect Length Value, Out-of-bounds Write, Stack-based Buffer Overflow, Improper Access Control, Active...

9.8CVSS

10AI Score

0.001EPSS

2024-05-23 12:00 PM
7
redhat
redhat

(RHSA-2024:3304) Important: libreoffice security fix update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...

7.1AI Score

0.001EPSS

2024-05-23 05:51 AM
2
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1762-1)

The remote host is missing an update for...

9.8CVSS

7.5AI Score

0.017EPSS

2024-05-23 12:00 AM
5
ubuntu
ubuntu

GNOME Remote Desktop vulnerability

Releases Ubuntu 24.04 LTS Packages gnome-remote-desktop - Remote desktop daemon for GNOME Details Matthias Gerstner discovered that GNOME Remote Desktop incorrectly performed certain user validation checks. A local attacker could possibly use this issue to obtain sensitive information, or take...

7.2AI Score

EPSS

2024-05-23 12:00 AM
4
kaspersky
kaspersky

KLA68203 DoS vulnerability in Google Chrome

Type confusion vulnerability was found in Google Chrome. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Stable Channel Update for Desktop Exploitation Public exploits exist for this vulnerability. Related products Google-Chrome CVE list CVE-2024-5274....

8.8CVSS

6.2AI Score

0.003EPSS

2024-05-23 12:00 AM
Total number of security vulnerabilities84214