ALPINE-CVE-2022-40982

Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

DEBIAN-CVE-2022-40982

Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2022-40982

CVE-2022-40982 is an information-leak via microarchitectural state after transient execution in certain Intel vector execution units. The connected docs consistently describe local information disclosure by an authenticated user on affected Intel processors, with mitigations centered on firmware/...

CVE-2022-40982

Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2022-40982

Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2022-40982

Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

SUSE CVE-2022-40982

Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2023-40041

TOTOLINK T10v2 5.9c.5061B20200511 has a stack-based buffer overflow in setWiFiWpsConfig in /lib/cstemodules/wps.so. Attackers can send crafted data in an MQTT packet, via the pin parameter, to control the return address and execute code...

x86/Intel: Gather Data Sampling

ISSUE DESCRIPTION A researcher has discovered Gather Data Sampling, a transient execution side-channel whereby the AVX GATHER instructions can forward the content of stale vector registers to dependent instructions. The physical register file is a structure competitively shared between sibling...

Intel® Unite® Software Advisory

Summary: Potential security vulnerabilities in some Intel® Unite® software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-25773 Description: Improper access control in the IntelR UniteR Hub...

Intel Processors Security Vulnerability

Intel Processors are U.S.-based Intel Corporation that provide for the interpretation of computer instructions and the processing of data in computer software. A security vulnerability exists in Intel Processors that arises from the exposure of information via microarchitectural state after...

mooSocial 3.1.8 - Reflected XSS Vulnerability

Exploit Title: mooSocial 3.1.8 - Reflected XSS Exploit Author: CraCkEr Vendor: mooSocial Vendor Homepage: https://moosocial.com/ Software Link: https://travel.moosocial.com/ Version: 3.1.8 Tested on: Windows 10 Pro Impact: Manipulate the content of the site CVE: CVE-2023-4173 Greetings ThePitBull...

UBUNTU-CVE-2022-40982

Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access...

PT-2023-4279 · Cockpit Hq · Cockpit

Name of the Vulnerable Software and Affected Versions: cockpit-hq/cockpit versions prior to 2.6.3 Description: The issue is related to a Cross-site Scripting XSS - Stored vulnerability in the cockpit-hq/cockpit GitHub repository. This vulnerability exists due to inadequate protection of the web...

Campcodes Online Matrimonial Website System Code Issue Vulnerability

Campcodes Online Matrimonial Website System is an online matrimonial website from Campcodes, Inc. A security vulnerability exists in the Campcodes Online Matrimonial Website System. An attacker could exploit this vulnerability to execute code via a malicious SVG file upload...

CVE-2023-36858

CVE-2023-36858 affects BIG-IP Edge Client for Windows and macOS. Root cause: insufficient verification of data allows an attacker with local access to modify the client’s configured server list. Impact: potential redirection of traffic to a malicious server. Remediation (from K000132563): upgrade...

The vulnerability of the kernel of iOS, iPadOS, and macOS allows a perpetrator to trigger a service failure.

The vulnerability in the kernels of iOS, iPadOS, and macOS exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures...

CVE-2023-37920

A flaw was found in the python-certifi package. This issue occurs when the e-Tugra root certificate in Certifi is removed, resulting in an unspecified error that has an unknown impact and attack vector...

The vulnerability of the aws-sigv4 library for collecting, processing, and transmitting metrics allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the aws-sigv4 library, which is responsible for collecting, processing, and transmitting metrics related to Vector, stems from insufficient protection of registration data during the processing of the awssigv4::SigningParams structure. Exploiting this vulnerability can allow...

CVE-2020-35698

Thinkific Thinkific Online Course Creation Platform 1.0 is affected by: Cross Site Scripting XSS. The impact is: execute arbitrary code remote. The component is: Affected Source code of the website CMS which is been used by many to host their online courses using the Thinkific Platform. The attac...