The vulnerability of Windows operating systems, related to processor optimization, the removal or modification of security-critical code, allows attackers to disclose sensitive information.

Vulnerabilities of Windows operating systems are related to optimizations made to the processor, as well as the removal or modification of code that is critical for security. Exploiting these vulnerabilities can allow attackers to disclose sensitive information through attacks via secondary...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use timestamp to check for set element timeout CVE-2024-27397 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overrunning reservations in ringbuf CVE-2024-41009 In...

Vulnerability fixed in HPE 3PAR Service Processor

A vulnerability has been fixed in HPE 3PAR Service Processor. An unauthenticated malicious person with access to the local network can exploit the vulnerability to bypass authentication. HPE has made an update available to fix the vulnerabilities. See the reference for more information...

Denial of Service (DoS)

Overview rexml is an An XML toolkit for Ruby. Affected versions of this package are vulnerable to Denial of Service DoS through the XML parsing process. An attacker can cause a denial of service by sending specially crafted XML documents that contain many specific characters such as . This...

CVE-2024-40968

In the Linux kernel, the following vulnerability has been resolved: MIPS: Octeon: Add PCIe link status check The standard PCIe configuration read-write interface is used to access the configuration space of the peripheral PCIe devices of the mips processor after the PCIe link surprise down, it ca...

DEBIAN-CVE-2022-48845

In the Linux kernel, the following vulnerability has been resolved: MIPS: smp: fill in sibling and core maps earlier After enabling CONFIGSCHEDCORE landed during 5.14 cycle, 2-core 2-thread-per-core interAptiv CPS-driven started emitting the following: 0.025698 CPU1 revision is: 0001a120 MIPS...

PT-2024-19428 · Hewlett Packard · 3Par Service Processor Firmware +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue could be remotely exploited to bypass authentication. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

DEBIAN-CVE-2024-40997

In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate: fix memory leak on CPU EPP exit The cpudata memory from kzalloc in amdpstateeppcpuinit is not freed in the analogous exit function, so fix that. rjw: Subject and changelog edits...

CVE-2024-40968

In the Linux kernel, the following vulnerability has been resolved: MIPS: Octeon: Add PCIe link status check The standard PCIe configuration read-write interface is used to access the configuration space of the peripheral PCIe devices of the mips processor after the PCIe link surprise down, it ca...

UBUNTU-CVE-2024-40944

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking The call to ccplatformhas triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by loadsegments and GSBASE is now 0 but call depth...

The vulnerability of the WSDL query processor in the “Update Service” software allows a attacker to gain read access to local files.

The vulnerability of the WSDL query processor in the “Update Service” software is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability could allow a malicious actor to gain read access to local files...

CVE-2024-27385

A vulnerability was discovered in the slsihandlenanrxeventlogind function in Samsung Mobile Processor Exynos 1380 and Exynos 1480 related to no input validation check on taglen for rx coming from userspace, which can lead to heap overwrite...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation through the parsing of X.509 certificates. An attacker can cause excessive CPU consumption and disrupt service by submitting a specially crafted malicious certificate. Remediation Upgrade...

CVE-2024-27361

A vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, and Exynos 2400 that involves a time-of-check to time-of-use TOCTOU race condition, which can lead to a Denial of Service...

CVE-2024-27363

A vulnerability was discovered in Samsung Mobile Processor Exynos 850, Exynos 9610, Exynos 980, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, and Exynos W930 where it does not properly check a pointer address, which can lead to a Information disclosure...

CVE-2024-28068

A vulnerability was discovered in SS in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos 9110, Exynos W920, Exynos...

CVE-2023-50807

A vulnerability was discovered in Samsung Wearable Processor and Modems with versions Exynos 9110, Exynos Modem 5123, Exynos Modem 5300 that allows an out-of-bounds write in the heap in 2G no auth...

CVE-2023-50805

A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem...

app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:sharaf_3 (>=0.0.7 <=0.7.4) +973 more potentially affected by CVE-2024-3653 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.14.Final)

io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.0.7, =1.1.15, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.31 and more Source cves: CVE-2024-3653 Source advisory: OSV:GHSA-CH7Q-GPFF-H9HP...

SAMSUNG Mobile Processor Security Vulnerability

SAMSUNG Mobile Processor is a family of mobile processors from Samsung South Korea. A security vulnerability exists in SAMSUNG Mobile Processor, which stems from a lack of validation checks on local handles, and could lead to a denial-of-service attack by unmapping invalid lengths...