Lucene search

K

Ryzen™ 3000 Series Desktop Processors Security Vulnerabilities

debiancve
debiancve

CVE-2023-52739

In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca ...

7.2AI Score

0.0004EPSS

2024-05-21 04:15 PM
nvd
nvd

CVE-2023-52739

In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca ...

6.7AI Score

0.0004EPSS

2024-05-21 04:15 PM
cvelist
cvelist

CVE-2023-52750 arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer

In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly byte-swap NOP when compiling for big-endian, and the resulting series of bytes happened to...

6.3AI Score

0.0004EPSS

2024-05-21 03:30 PM
cvelist
cvelist

CVE-2023-52739 Fix page corruption caused by racy check in __free_pages

In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca ...

6.7AI Score

0.0004EPSS

2024-05-21 03:23 PM
thn
thn

Windows 11 to Deprecate NTLM, Add AI-Powered App Controls and Security Defenses

Microsoft on Monday confirmed its plans to deprecate NT LAN Manager (NTLM) in Windows 11 in the second half of the year, as it announced a slew of new security measures to harden the widely-used desktop operating system. "Deprecating NTLM has been a huge ask from our security community as it will.....

7.8AI Score

2024-05-21 09:02 AM
2
ubuntucve
ubuntucve

CVE-2023-52750

In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly byte-swap NOP when compiling for big-endian, and the resulting series of bytes happened to...

6.6AI Score

0.0004EPSS

2024-05-21 12:00 AM
4
nessus
nessus

SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2024:1684-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1684-1 advisory. Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable...

7.9CVSS

5.7AI Score

0.0004EPSS

2024-05-21 12:00 AM
5
openvas
openvas

SUSE: Security Advisory (SUSE-SU-2024:1684-1)

The remote host is missing an update for...

7.9CVSS

7.1AI Score

0.0004EPSS

2024-05-21 12:00 AM
3
chrome
chrome

Stable Channel Update for Desktop

The Stable channel has been updated to 125.0.6422.76/.77 for Windows, Mac and 125.0.6422.76 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...

8.1AI Score

0.0004EPSS

2024-05-21 12:00 AM
50
arista
arista

Security Advisory 0096

Security Advisory 0096 _._CSAF PDF Date: May 21, 2024 Revision | Date | Changes ---|---|--- 1.0 | May 21, 2024 | Initial release The CVE-ID tracking this issue: CVE-2023-5502 CVSSv3.1 Base Score: 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N) Common Weakness Enumeration: CWE-287 Improper...

6.3AI Score

EPSS

2024-05-21 12:00 AM
1
nessus
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cairo (SUSE-SU-2024:1704-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1704-1 advisory. An issue was discovered in cairo 1.16.0. There is an infinite loop in the function...

6.5CVSS

6.3AI Score

0.003EPSS

2024-05-21 12:00 AM
2
trellix
trellix

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR - Part 2

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR - Part 2 By Chintan Shah, Maulik Maheta · May 21, 2024 Executive summary In the part 1 of this series we discussed in depth about the known Lateral movement attacks like abusing weak service permissions (T1574.011), NTDS.dit file.....

7.9AI Score

2024-05-21 12:00 AM
7
kaspersky
kaspersky

KLA67728 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: Heap buffer overflow vulnerability in ANGLE can be exploited to cause denial of service Heap...

8.4AI Score

0.0004EPSS

2024-05-21 12:00 AM
openvas
openvas

Ubuntu: Security Advisory (USN-6766-3)

The remote host is missing an update for...

7.8CVSS

7AI Score

EPSS

2024-05-21 12:00 AM
2
ubuntucve
ubuntucve

CVE-2023-52739

In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca...

6.8AI Score

0.0004EPSS

2024-05-21 12:00 AM
2
mssecure
mssecure

New Windows 11 features strengthen security to address evolving cyberthreat landscape

Ahead of the Microsoft Build 2024 conference, we announced a new class of Windows computers, Copilot+ PC. Alongside this exciting new class of PCs, we are introducing important security features and updates that make Windows 11 more secure for users and organizations and give developers the tools.....

7AI Score

2024-05-20 06:00 PM
5
mssecure
mssecure

New Windows 11 features strengthen security to address evolving cyberthreat landscape

In this article Cybersecurity at the forefront of all we do Modern, secure hardware Stay ahead of evolving threats with Windows Explore the new Windows 11 security features Ahead of the Microsoft Build 2024 conference, we announced a new class of Windows computers, Copilot+ PC. Alongside this...

9AI Score

2024-05-20 06:00 PM
595
cve
cve

CVE-2024-0401

ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U,...

7.2CVSS

7.9AI Score

0.0004EPSS

2024-05-20 05:15 PM
37
thn
thn

Iranian MOIS-Linked Hackers Behind Destructive Attacks on Albania and Israel

An Iranian threat actor affiliated with the Ministry of Intelligence and Security (MOIS) has been attributed as behind destructive wiping attacks targeting Albania and Israel under the personas Homeland Justice and Karma, respectively. Cybersecurity firm Check Point is tracking the activity under.....

9.8CVSS

7.2AI Score

0.974EPSS

2024-05-20 04:05 PM
1
osv
osv

linux-aws, linux-aws-5.15 vulnerabilities

It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-1151) Sander Wiebing, Alvise de Faveri Tron,...

7.8CVSS

6.8AI Score

EPSS

2024-05-20 01:05 PM
3
thn
thn

Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal

Multiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla, AsyncRAT, DCRat, NanoCore RAT, NjRAT, Pony, Remcos RAT, and XWorm. "This exploit triggers security warnings that could deceive unsuspecting users into executing harmful...

7.1AI Score

2024-05-20 12:20 PM
1
redhatcve
redhatcve

CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

6.9AI Score

0.0004EPSS

2024-05-20 11:14 AM
4
thn
thn

Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns

Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. "These campaigns typically involve a recognizable infection chain involving oversized...

8.2AI Score

2024-05-20 05:47 AM
1
githubexploit
githubexploit

Exploit for CVE-2024-3435

This is a Next.js project bootstrapped...

8.4CVSS

7AI Score

0.0004EPSS

2024-05-20 02:17 AM
106
ubuntu
ubuntu

Linux kernel (AWS) vulnerabilities

Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages linux-aws - Linux kernel for Amazon Web Services (AWS) systems linux-aws-5.15 - Linux kernel for Amazon Web Services (AWS) systems Details It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack...

7.8CVSS

7.5AI Score

EPSS

2024-05-20 12:00 AM
8
f5
f5

K000139684: AMD processors vulnerability CVE-2023-20569

Security Advisory Description A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. (CVE-2023-20569) Impact...

6.3AI Score

0.0004EPSS

2024-05-20 12:00 AM
5
nessus
nessus

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel (AWS) vulnerabilities (USN-6766-3)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6766-3 advisory. It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations...

7.8CVSS

6.8AI Score

EPSS

2024-05-20 12:00 AM
7
nessus
nessus

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-056)

The version of kernel installed on the remote host is prior to 5.10.215-203.850. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-056 advisory. 2024-06-06: CVE-2024-35809 was added to this advisory. 2024-06-06: CVE-2023-52482 was added to this...

7.8AI Score

0.0004EPSS

2024-05-20 12:00 AM
6
osv
osv

CVE-2024-36070

tine before 2023.11.8, when an LDAP backend is used, allows anonymous remote attackers to obtain sensitive authentication information via setup.php because of getRegistryData in Setup/Frontend/Json.php. (An update is also available for the 2022.11...

6.8AI Score

EPSS

2024-05-19 07:15 PM
1
cve
cve

CVE-2024-36070

tine before 2023.11.8, when an LDAP backend is used, allows anonymous remote attackers to obtain sensitive authentication information via setup.php because of getRegistryData in Setup/Frontend/Json.php. (An update is also available for the 2022.11...

6.7AI Score

EPSS

2024-05-19 07:15 PM
38
nvd
nvd

CVE-2024-36070

tine before 2023.11.8, when an LDAP backend is used, allows anonymous remote attackers to obtain sensitive authentication information via setup.php because of getRegistryData in Setup/Frontend/Json.php. (An update is also available for the 2022.11...

6.5AI Score

EPSS

2024-05-19 07:15 PM
thn
thn

Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam

The U.S. Department of Justice (DoJ) has charged two arrested Chinese nationals for allegedly orchestrating a pig butchering scam that laundered at least $73 million from victims through shell companies. The individuals, Daren Li, 41, and Yicheng Zhang, 38, were arrested in Atlanta and Los Angeles....

7.4AI Score

2024-05-19 09:46 AM
1
debiancve
debiancve

CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

7.4AI Score

0.0004EPSS

2024-05-19 09:15 AM
3
debiancve
debiancve

CVE-2024-35906

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Send DTBCLK disable message on first commit [Why] Previous patch to allow DTBCLK disable didn't address boot case. Driver thinks DTBCLK is disabled by default, so we don't send disable message to PMFW. DTBCLK is...

7AI Score

0.0004EPSS

2024-05-19 09:15 AM
3
cve
cve

CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

7.1AI Score

0.0004EPSS

2024-05-19 09:15 AM
30
nvd
nvd

CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

6.9AI Score

0.0004EPSS

2024-05-19 09:15 AM
1
cvelist
cvelist

CVE-2024-35905 bpf: Protect against int overflow for stack access size

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

6.8AI Score

0.0004EPSS

2024-05-19 08:34 AM
thn
thn

Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January. The large-scale phishing attacks, likely facilitated by other cybercriminals via a malware-as-a-service (MaaS) model, target...

7.1AI Score

2024-05-19 07:59 AM
1
ubuntucve
ubuntucve

CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

6.8AI Score

0.0004EPSS

2024-05-19 12:00 AM
ubuntucve
ubuntucve

CVE-2024-35906

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Send DTBCLK disable message on first commit [Why] Previous patch to allow DTBCLK disable didn't address boot case. Driver thinks DTBCLK is disabled by default, so we don't send disable message to PMFW. DTBCLK is...

7.3AI Score

0.0004EPSS

2024-05-19 12:00 AM
2
qualysblog
qualysblog

Qualys Enterprise TruRisk™ Platform Extends FIM with Real-Time Monitoring of Unauthorized Access to Sensitive Data and Configuration Change Detection on Network Devices

Introducing FIM 4.0 with File Access Monitoring (FAM) and Agentless FIM to ensure compliance with the new PCI 4.0 File Integrity Monitoring (FIM) solutions are essential for virtually any organization to help identify suspicious activities across critical system files and registries, diagnose...

7.3AI Score

2024-05-17 11:45 PM
5
redhatcve
redhatcve

CVE-2024-35795

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix deadlock while reading mqd from debugfs An errant disk backup on my desktop got into debugfs and triggered the following deadlock scenario in the amdgpu debugfs files. The machine also hard-resets immediately after....

6.4AI Score

0.0004EPSS

2024-05-17 11:10 PM
6
ibm
ibm

Security Bulletin: IBM Integration Designer is vulnerable to a denial of service (CVE-2023-38264)

Summary Vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVE. Vulnerability Details ** CVEID: CVE-2023-38264 DESCRIPTION: **The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1.0.0...

5.9CVSS

6.1AI Score

0.0004EPSS

2024-05-17 08:57 PM
8
ibm
ibm

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager (CVE-2023-22081, CVE-2023-22067, CVE-2023-5676)

Summary IBM® SDK, Java™ Technology Edition is shipped as a component of IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM® SDK, Java™ Technology Edition has been published in a security bulletin. Vulnerability Details ** CVEID: CVE-2023-22081 ...

5.9CVSS

7AI Score

0.001EPSS

2024-05-17 07:28 PM
16
cve
cve

CVE-2024-35795

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix deadlock while reading mqd from debugfs An errant disk backup on my desktop got into debugfs and triggered the following deadlock scenario in the amdgpu debugfs files. The machine also hard-resets immediately after....

6.6AI Score

0.0004EPSS

2024-05-17 02:15 PM
30
nvd
nvd

CVE-2024-35795

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix deadlock while reading mqd from debugfs An errant disk backup on my desktop got into debugfs and triggered the following deadlock scenario in the amdgpu debugfs files. The machine also hard-resets immediately after....

7.4AI Score

0.0004EPSS

2024-05-17 02:15 PM
debiancve
debiancve

CVE-2024-35795

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix deadlock while reading mqd from debugfs An errant disk backup on my desktop got into debugfs and triggered the following deadlock scenario in the amdgpu debugfs files. The machine also hard-resets immediately...

6.6AI Score

0.0004EPSS

2024-05-17 02:15 PM
5
cvelist
cvelist

CVE-2024-35795 drm/amdgpu: fix deadlock while reading mqd from debugfs

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix deadlock while reading mqd from debugfs An errant disk backup on my desktop got into debugfs and triggered the following deadlock scenario in the amdgpu debugfs files. The machine also hard-resets immediately after....

7.4AI Score

0.0004EPSS

2024-05-17 01:23 PM
thn
thn

New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

A new report from XM Cyber has found – among other insights - a dramatic gap between where most organizations focus their security efforts, and where the most serious threats actually reside. The new report, Navigating the Paths of Risk: The State of Exposure Management in 2024, is based on...

7.8AI Score

2024-05-17 11:29 AM
1
nessus
nessus

EulerOS Virtualization 3.0.6.6 : curl (EulerOS-SA-2024-1647)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of...

3.7CVSS

7.5AI Score

0.001EPSS

2024-05-17 12:00 AM
2
Total number of security vulnerabilities84217