Linux Distros Unpatched Vulnerability : CVE-2012-0217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and...

Linux Distros Unpatched Vulnerability : CVE-2019-0154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient access control in subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR...

UBUNTU-CVE-2022-49565

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/lbr: Fix unchecked MSR access error on HSW The fuzzer triggers the below trace. 7763.384369 unchecked MSR access error: WRMSR to 0x689 tried to write 0x1fffffff8101349e at rIP: 0xffffffff810704a4...

CVE-2024-36293

Improper access control in the EDECCSSA user leaf function for some IntelR Processors with IntelR SGX may allow an authenticated user to potentially enable denial of service via local access...

Intel 2024.4 IPU - Processor February 2025 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Processors, which might allow denial of service. Intel is releasing microcode updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has identified affected...

CVE-2024-24853

Incorrect behavior order in transition between executive monitor and SMI transfer monitor STM in some IntelR Processor may allow a privileged user to potentially enable escalation of privilege via local access...

The vulnerability of the perf/x86/intel/pt components in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the perf/x86/intel/pt components in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

K000148650: Intel processor vulnerabilities CVE-2024-22185 and CVE-2024-24985

Security Advisory Description CVE-2024-22185 Time-of-check Time-of-use Race Condition in some IntelR processors with IntelR ACTM may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2024-24985 Exposure of resource to wrong sphere in some IntelR processor...

2024.3 IPU - Intel® Processor RAPL Interface Advisory

Summary: A potential security vulnerability in the Running Average Power Limit RAPL interface for some Intel® Processors may allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-23984 Description:...

Intel® Processor (SPP) Advisory

Summary: Potential security vulnerabilities in the Sub-Page write Permissions SPP for some Intel® Processors may allow escalation of privilege. Intel is releasing prescriptive guidance to address these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2024-36242 Description: Protection...

SUSE CVE-2024-50093

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processorthermal driver uses pcimdeviceenable to enable a PCI device, which means the device will be automatically disabled on driver detach. Thus there is ...

Important: microcode_ctl

Issue Overview: Incorrect default permissions in some IntelR XeonR processor memory controller configurations when using IntelR SGX may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2024-21820 Improper finite state machines FSMs in the hardware logic ...

Important: microcode_ctl

Issue Overview: Incorrect default permissions in some IntelR XeonR processor memory controller configurations when using IntelR SGX may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2024-21820 Improper conditions check in some IntelR XeonR processor...

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Servlet Inclusion Authentication Bypass

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller is vulnerable to remote, arbitrary servlet...

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Project Download

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Project Download Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Unauthenticated Project Download

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerabl...

ABB Cylon Aspect 3.08.01 Active Debug Data Exposure

ABB Cylon Aspect 3.08.01 auth/ Active Debug Code Vulnerability Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: 3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...

ABB Cylon Aspect 3.08.01 throttledLog.php Unauthenticated Log Disclosure

ABB Cylon Aspect 3.08.01 throttledLog.php Unauthenticated Log Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

ABB Cylon Aspect 3.07.02 user.properties Default Credentials

ABB Cylon Aspect 3.07.02 user.properties Default Credentials Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.02 Summary: ASPECT is an award-winning scalable building energy management and...

ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control Vulnerability

ABB Cylon Aspect version 3.07.02 suffers from a vulnerability that allows an unauthenticated attacker to enable or disable the SSH daemon by sending a POST request to sshUpdate.php with a simple JSON payload. This can be exploited to start the SSH service on the remote host without proper...