SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2020:3373-1)
This update for ucode-intel fixes the following issues : Updated Intel CPU Microcode to 20201110 official release. CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446) CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594) CVE-2020-8696:...
6.5AI Score
SUSE SLED15 / SLES15 Security Update : ucode-intel (SUSE-SU-2020:3372-1)
This update for ucode-intel fixes the following issues : Updated Intel CPU Microcode to 20201110 official release. CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) (bsc#1170446) CVE-2020-8698: Fixed Fast Store Forward Predictor INTEL-SA-00381 (bsc#1173594) CVE-2020-8696:...
6.5AI Score
talent500.co Cross Site Scripting vulnerability OBB-3757667
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.1AI Score
In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges...
4.4CVSS
6.7AI Score
0.0004EPSS
In autotest driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges...
4.4CVSS
7.2AI Score
0.0004EPSS
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...
4.4CVSS
7.2AI Score
0.0004EPSS
In drm driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...
4.4CVSS
7.2AI Score
0.0004EPSS
In phasecheckserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
7.2AI Score
0.0004EPSS
SUSE SLES12 Security Update : ucode-intel (SUSE-SU-2020:3514-1)
This update for ucode-intel fixes the following issues : Updated Intel CPU Microcode to 20201118 official release. (bsc#1178971) Removed TGL/06-8c-01/80 due to functional issues with some OEM platforms. CVE-2020-8695: Fixed Intel RAPL sidechannel attack (SGX) INTEL-SA-00389...
6.5AI Score
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...
4.4CVSS
7.2AI Score
0.0004EPSS
In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges...
5.5CVSS
6.8AI Score
0.0004EPSS
6.1AI Score
0.015EPSS
In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...
4.4CVSS
7.2AI Score
0.0004EPSS
In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges...
4.4CVSS
7.2AI Score
0.0004EPSS
Huawei EulerOS: Security Advisory for nettle (EulerOS-SA-2016-1061)
The remote host is missing an update for the Huawei...
8.8AI Score
0.009EPSS
Grav Server-side Template Injection (SSTI) via Twig Default Filters
Hi, actually we have sent the bug report to [email protected] on 27th March 2023 and on 10th April 2023. Grav Server-side Template Injection (SSTI) via Insufficient Validation in filterFilter Summary: | Product | Grav CMS | |...
8.3AI Score
0.002EPSS
Molongui < 4.6.20 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The Author Box, Guest Author and Co-Authors for Your Posts – Molongui plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.6.19 due to insufficient input sanitization and output escaping. This makes it possible for....
4.8CVSS
5.9AI Score
0.0004EPSS
8.4AI Score
0.001EPSS
6.2AI Score
0.0005EPSS
8.4AI Score
0.001EPSS
6.2AI Score
0.0005EPSS
8.4AI Score
0.001EPSS
6.2AI Score
0.0005EPSS
openSUSE Security Update : the Linux Kernel (openSUSE-2020-801)
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which...
8.6AI Score
6.2AI Score
0.0005EPSS
Command Execution Vulnerability in SuperMap iPortal of Beijing SuperMap Software Co.
SuperMap iPortal is a GIS portal platform for cloud computing, which enables the integration, discovery, sharing and management of various GIS resources such as maps, services, scenes and data, and also monitors multiple GIS servers within the organization to ensure the safe and stable operation...
7.2AI Score
Weak Password Vulnerability in MSG3100 at Resconda Technology Development Co.
MSG3100 is a box-type IP PBX product for government and enterprise customers, applicable to enterprises with less than 300 people, adopting 1U box-type design, used at the interface between enterprise internal network and access network, to meet the business needs of enterprise voice and data....
7AI Score
Unauthorized Access Vulnerability in ShopXO of Shanghai Zongzig Technology Co.
ShopXO is enterprise-level B2C open source e-commerce system. Ltd. ShopXO has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive...
6.8AI Score
7.6AI Score
0.006EPSS
6.2AI Score
0.0005EPSS
8.4AI Score
0.001EPSS
6.6AI Score
0.025EPSS
6.5AI Score
0.012EPSS
7.6AI Score
0.006EPSS
chromium -- multiple security fixes
Chrome Releases reports: This update includes 17 security fixes: [1484394] High CVE-2024-0812: Inappropriate implementation in Accessibility. Reported by Anonymous on 2023-09-19 [1504936] High CVE-2024-0808: Integer underflow in WebUI. Reported by Lyra Rebane (rebane2001) on 2023-11-24 [1496250]...
7.8AI Score
0.001EPSS
6.5AI Score
0.004EPSS
6.2AI Score
0.001EPSS
7.6AI Score
0.006EPSS
Command Execution Vulnerability in SuperMap iServer 10i of Beijing SuperMap Software Co.
SuperMap iServer is a cloud GIS application server based on high-performance cross-platform GIS kernel. A command execution vulnerability exists in SuperMap iServer 10i of Beijing SuperMap Software Co. Ltd. that can be exploited by an attacker to gain control of the...
7.5AI Score
Ex-Google Engineer Arrested for Stealing AI Technology Secrets for China
The U.S. Department of Justice (DoJ) announced the indictment of a 38-year-old Chinese national and a California resident for allegedly stealing proprietary information from Google while covertly working for two China-based tech companies. Linwei Ding (aka Leon Ding), a former Google engineer who.....
6.8AI Score
7.7AI Score
0.006EPSS
6.4AI Score
0.084EPSS
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
7.2AI Score
0.0004EPSS
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
7.1AI Score
0.0004EPSS
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
7.2AI Score
0.0004EPSS
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
7.1AI Score
0.0004EPSS
In media service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges...
4.4CVSS
7.2AI Score
0.0004EPSS
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges...
5.5CVSS
7.2AI Score
0.0004EPSS
New Leak Shows Business Side of China’s APT Menace
A new data leak that appears to have come from one of China's top private cybersecurity firms provides a rare glimpse into the commercial side of China's many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign...
7.1AI Score
SuperMap iServer is a cloud GIS application server based on high-performance cross-platform GIS kernel. An unauthorized access vulnerability exists in SuperMap iServer of Beijing SuperMap Software Co. Ltd, which can be exploited by attackers to obtain sensitive...
6.8AI Score