CVSS: 6.0EPSS: 0%CPEs: 13EXPL: 0CVE-2023-47855
https://notcve.org/view.php?id=CVE-2023-47855
16 May 2024 — Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access. La validación de entrada incorrecta en algún software de módulo Intel(R) TDX anterior a la versión 1.5.05.46.698 puede permitir que un usuario privilegiado habilite potencialmente la escalada de privilegios a través del acceso local. • https://security.netapp.com/advisory/ntap-20240621-0003 • CWE-20: Improper Input Validation •
CVSS: 7.9EPSS: 0%CPEs: 14EXPL: 0CVE-2023-45745
https://notcve.org/view.php?id=CVE-2023-45745
16 May 2024 — Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access. La validación de entrada incorrecta en algún software de módulo Intel(R) TDX anterior a la versión 1.5.05.46.698 puede permitir que un usuario privilegiado habilite potencialmente la escalada de privilegios a través del acceso local. • https://security.netapp.com/advisory/ntap-20240621-0003 • CWE-20: Improper Input Validation •
CVSS: 2.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-45733 – intel-microcode: Race conditions in some Intel(R) Processors
https://notcve.org/view.php?id=CVE-2023-45733
16 May 2024 — Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. La lógica del hardware contiene condiciones de ejecución en algunos procesadores Intel(R) que pueden permitir que un usuario autenticado permita potencialmente la divulgación parcial de información a través del acceso local. A flaw was found in intel-microcode. The hardware logic contains race conditions in some Intel(R) processors that ma... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01051.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-1298: Hardware Logic Contains Race Conditions •
CVSS: 4.7EPSS: 0%CPEs: 14EXPL: 0CVE-2023-46103 – intel-microcode: Unexpected behavior in Intel(R) Core(TM) Ultra Processors
https://notcve.org/view.php?id=CVE-2023-46103
16 May 2024 — Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access. La secuencia de instrucciones del procesador genera un comportamiento inesperado en los procesadores Intel(R) Core(TM) Ultra que pueden permitir que un usuario autenticado habilite potencialmente la denegación de servicio a través del acceso local. A flaw was found in intel-microcode. The sequence of processor instruct... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01052.html • CWE-400: Uncontrolled Resource Consumption CWE-1281: Sequence of Processor Instructions Leads to Unexpected Behavior •
CVSS: 6.3EPSS: 0%CPEs: 25EXPL: 1CVE-2024-29510 – ghostscript: format string injection leads to shell command execution (SAFER bypass)
https://notcve.org/view.php?id=CVE-2024-29510
16 May 2024 — Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. Artifex Ghostscript anterior a 10.03.1 permite la corrupción de la memoria y una omisión MÁS SEGURA de la sandbox mediante la inyección de cadena de formato con un dispositivo uniprint. A flaw in Ghostscript has been identified where the uniprint device allows users to pass various string fragments as device options. These strings, particularly upWriteComponentCommands a... • https://github.com/swsmith2391/CVE-2024-29510 • CWE-20: Improper Input Validation CWE-693: Protection Mechanism Failure •
CVSS: 5.3EPSS: 0%CPEs: 23EXPL: 0CVE-2024-33869 – ghostscript: path traversal and command execution due to path reduction
https://notcve.org/view.php?id=CVE-2024-33869
16 May 2024 — An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript document) because of path reduction in base/gpmisc.c. For example, restrictions on use of %pipe% can be bypassed via the aa/../%pipe%command# output filename. A flaw was found in Ghostscript. • https://bugs.ghostscript.com/show_bug.cgi?id=707691 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 6.8EPSS: 0%CPEs: 23EXPL: 0CVE-2024-33870 – ghostscript: path traversal to arbitrary files if the current directory is in the permitted paths
https://notcve.org/view.php?id=CVE-2024-33870
16 May 2024 — An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a crafted PostScript document) to arbitrary files if the current directory is in the permitted paths. For example, there can be a transformation of ../../foo to ./../../foo and this will grant access if ./ is permitted. • https://bugs.ghostscript.com/show_bug.cgi?id=707686 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 10.0EPSS: 0%CPEs: 32EXPL: 0CVE-2024-33871 – ghostscript: OPVP device arbitrary code execution via custom Driver library
https://notcve.org/view.php?id=CVE-2024-33871
16 May 2024 — An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp (and oprp) devices can have an arbitrary name for a dynamic library; this library is then loaded. Se descubrió un problema en Artifex Ghostscript antes de la versión 10.03.1. contrib/opvp/gdevopvp.c permite la ejecución de código arbitrario a través de una librería d... • https://bugs.ghostscript.com/show_bug.cgi?id=707754 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.1EPSS: 0%CPEs: 11EXPL: 0CVE-2024-31142 – x86: Incorrect logic for BTC/SRSO mitigations
https://notcve.org/view.php?id=CVE-2024-31142
16 May 2024 — Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. XSA-434 (Speculative Return Stack Overflow) uses the same infrastructure, so is equally impacted. For more details, see: https://xenbits.xen.org/xsa/advisory-407.html https://xenbits.xen.org/xsa/advisory-434.html Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. XSA-434 (Speculative Return Sta... • https://xenbits.xenproject.org/xsa/advisory-455.html •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-46842 – x86 HVM hypercalls may trigger Xen bug check
https://notcve.org/view.php?id=CVE-2023-46842
16 May 2024 — Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to. When processing of hypercalls takes a considerable amount of time, the hypervisor may choose to invoke a hypercall continuation. Doing so involves putting (perhaps updated) hypercall arguments in respective registers. For guests not running in 64-bit mode... • https://xenbits.xenproject.org/xsa/advisory-454.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •