The vulnerability in the implementation of the SNP_INIT command during the loading of microprogramming software for AMD processors allows a attacker to influence the integrity of the protected information.

The vulnerability of the SNPINIT implementation in the loading of microprogramming software for AMD processors is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to influence the integrity of the protected information...

The vulnerability of the implementation of the AMD Secure Processor (ASP) microprogramming software for AMD processors allows a hacker to execute arbitrary code.

The vulnerability of the AMD Secure Processor ASP microprogramming system architecture lies in insufficient validation of input data during the execution of the SYSKEYDERIVE system call. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

SUSE CVE-2022-46397

FP.io VPP Vector Packet Processor 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode...

PT-2023-6559

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions. Description The issue is related to a maliciously crafted HTTP/2 stream that could cause excessive CPU consumption in the HPACK decoder, leading to a denial of servic...

Intel Xeon Processors 安全漏洞

Intel Xeon Processors is an Intel Xeon family of central processing units CPUs from the U.S.-based Intel Corporation Intel. A security vulnerability exists in IntelR XeonR Scalable Processors. An attacker could exploit the vulnerability to cause information disclosure...

SUSE CVE-2008-1687

The 1 maketemp and 2 mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename...

SUSE CVE-2009-0259

The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted 1 .doc, 2 .wri, or 3 .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated ...

SUSE CVE-2009-1891

The moddeflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service CPU consumption...

SUSE CVE-2010-3476

Open Ticket Request System OTRS 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly handle the matching of Perl regular expressions against HTML e-mail messages, which allows remote attackers to cause a denial of service CPU consumption via a large message, a different vulnerability than...

SUSE CVE-2012-0946

The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memory locations by leveraging GPU device-node read/write privileges...

SUSE CVE-2012-3176

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 allows remote authenticated users to affect integrity via unknown vectors related to Panel Processor...

SUSE CVE-2012-4387

Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service CPU consumption via a long parameter name, which is processed as an OGNL expression...

SUSE CVE-2013-5604

The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote...

SUSE CVE-2014-1893

Multiple integer overflows in the 1 FLASKGETBOOL and 2 FLASKSETBOOL suboperations in the flask hypercall in Xen 4.1.x, 3.3.x, 3.2.x, and earlier, when XSM is enabled, allow local users to cause a denial of service processor fault via unspecified vectors, a different vulnerability than...

SUSE CVE-2014-6268

The evtchnfifosetpending function in Xen 4.4.x allows local guest users to cause a denial of service host crash via vectors involving an uninitialized FIFO-based event channel control block when 1 binding or 2 moving an event to a different VCPU...

SUSE CVE-2015-5364

The 1 udprecvmsg and 2 udpv6recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service system hang via incorrect checksums within a UDP packet flood...

SUSE CVE-2015-6837

The xslextfunctionphp function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking,...

SUSE CVE-2016-2271

VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service guest crash via vectors related to a non-canonical RIP...

SUSE CVE-2016-5857

The Qualcomm SPCom driver in Android before 7.0 allows local users to execute arbitrary code within the context of the kernel via a crafted application, aka Android internal bug 34386529 and Qualcomm internal bug CR1094140...

SUSE CVE-2016-8745

A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn...