GHSA-MQ77-RV97-285M Home Assistant has Stored XSS vulnerability in Energy dashboard from Energy Entity Name

Summary An authenticated party can add a malicious name to the Energy entity, allowing for Cross-Site Scripting attacks against anyone who can see the Energy dashboard, when they hover over any information point The blue bar in the picture below An alternative, and more impactful scenario, is tha...

Astra Linux – Vulnerability in Intel Microcode

Observable discrepancies in the RAPL interface of certain Intel processors may allow a privileged user to potentially enable information disclosure through local access...

CVE-2024-40892

A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy BTLE interface. Once an attacker gains access to the...

OESA-2024-2158 microcode_ctl security update

This is a tool to transform and deploy microcode update for x86 CPUs. Security Fixes: Observable discrepancy in RAPL interface for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access.CVE-2024-23984 Improper finite state machines FSMs in...

SUSE CVE-2024-23984

Observable discrepancy in RAPL interface for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access...