CVE-2023-38420
https://notcve.org/view.php?id=CVE-2023-38420
Improper conditions check in Intel(R) Power Gadget software for macOS all versions may allow an authenticated user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01037.html • CWE-703: Improper Check or Handling of Exceptional Conditions CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2023-49614
https://notcve.org/view.php?id=CVE-2023-49614
Out of bounds write in firmware for some Intel(R) FPGA products before version 2.9.0 may allow escalation of privilege and information disclosure. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01050.html • CWE-787: Out-of-bounds Write •
CVE-2023-45733
https://notcve.org/view.php?id=CVE-2023-45733
Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01051.html • CWE-1298: Hardware Logic Contains Race Conditions •
CVE-2024-21792
https://notcve.org/view.php?id=CVE-2024-21792
Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01109.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2024-29510 – ghostscript: format string injection leads to shell command execution (SAFER bypass)
https://notcve.org/view.php?id=CVE-2024-29510
This lack of restriction permits arbitrary format strings with multiple specifiers, potentially leading to data leakage from the stack and memory corruption. • https://github.com/swsmith2391/CVE-2024-29510 https://bugs.ghostscript.com/show_bug.cgi?id=707662 https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation https://www.openwall.com/lists/oss-security/2024/07/03/7 https://access.redhat.com/security/cve/CVE-2024-29510 https://bugzilla.redhat.com/show_bug.cgi?id=2293950 • CWE-20: Improper Input Validation CWE-693: Protection Mechanism Failure •