Page 25 of 2348 results (0.014 seconds)

CVSS: 4.7EPSS: 0%CPEs: 14EXPL: 0

16 May 2024 — Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local access. La secuencia de instrucciones del procesador genera un comportamiento inesperado en los procesadores Intel(R) Core(TM) Ultra que pueden permitir que un usuario autenticado habilite potencialmente la denegación de servicio a través del acceso local. A flaw was found in intel-microcode. The sequence of processor instruct... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01052.html • CWE-400: Uncontrolled Resource Consumption CWE-1281: Sequence of Processor Instructions Leads to Unexpected Behavior •

CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 0

16 May 2024 — Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable denial of service via local access. La lógica de hardware con desincronización insegura en Intel(R) DSA e Intel(R) IAA para algunos procesadores Intel(R) Xeon(R) de cuarta o quinta generación puede permitir que un usuario autorizado habilite potencialmente la denegación de servicio a través del acceso local. Hardware lo... • http://www.openwall.com/lists/oss-security/2024/05/15/1 • CWE-400: Uncontrolled Resource Consumption CWE-1264: Hardware Logic with Insecure De-Synchronization between Control and Data Channels •

CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0

16 May 2024 — Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. XSA-434 (Speculative Return Stack Overflow) uses the same infrastructure, so is equally impacted. For more details, see: https://xenbits.xen.org/xsa/advisory-407.html https://xenbits.xen.org/xsa/advisory-434.html Because of a logical error in XSA-407 (Branch Type Confusion), the mitigation is not applied properly when it is intended to be used. XSA-434 (Speculative Return Sta... • https://xenbits.xenproject.org/xsa/advisory-455.html • CWE-693: Protection Mechanism Failure •

CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0

16 May 2024 — Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to. When processing of hypercalls takes a considerable amount of time, the hypervisor may choose to invoke a hypercall continuation. Doing so involves putting (perhaps updated) hypercall arguments in respective registers. For guests not running in 64-bit mode... • https://xenbits.xenproject.org/xsa/advisory-454.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 5.3EPSS: 0%CPEs: 23EXPL: 0

16 May 2024 — An issue was discovered in Artifex Ghostscript before 10.03.1. Path traversal and command execution can occur (via a crafted PostScript document) because of path reduction in base/gpmisc.c. For example, restrictions on use of %pipe% can be bypassed via the aa/../%pipe%command# output filename. A flaw was found in Ghostscript. • https://bugs.ghostscript.com/show_bug.cgi?id=707691 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •

CVSS: 6.8EPSS: 0%CPEs: 23EXPL: 0

16 May 2024 — An issue was discovered in Artifex Ghostscript before 10.03.1. There is path traversal (via a crafted PostScript document) to arbitrary files if the current directory is in the permitted paths. For example, there can be a transformation of ../../foo to ./../../foo and this will grant access if ./ is permitted. • https://bugs.ghostscript.com/show_bug.cgi?id=707686 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •

CVSS: 10.0EPSS: 2%CPEs: 32EXPL: 0

16 May 2024 — An issue was discovered in Artifex Ghostscript before 10.03.1. contrib/opvp/gdevopvp.c allows arbitrary code execution via a custom Driver library, exploitable via a crafted PostScript document. This occurs because the Driver parameter for opvp (and oprp) devices can have an arbitrary name for a dynamic library; this library is then loaded. Se descubrió un problema en Artifex Ghostscript antes de la versión 10.03.1. contrib/opvp/gdevopvp.c permite la ejecución de código arbitrario a través de una librería d... • https://bugs.ghostscript.com/show_bug.cgi?id=707754 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.3EPSS: 21%CPEs: 25EXPL: 2

16 May 2024 — Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. Artifex Ghostscript anterior a 10.03.1 permite la corrupción de la memoria y una omisión MÁS SEGURA de la sandbox mediante la inyección de cadena de formato con un dispositivo uniprint. A flaw in Ghostscript has been identified where the uniprint device allows users to pass various string fragments as device options. These strings, particularly upWriteComponentCommands a... • https://packetstorm.news/files/id/179645 • CWE-20: Improper Input Validation CWE-693: Protection Mechanism Failure •

CVSS: 7.1EPSS: 0%CPEs: 18EXPL: 0

15 May 2024 — In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES. En el kernel de Linux hasta 6.7.2, un hipervisor que no es de confianza puede inyectar interrupciones virtuales 0 y 14 en cualquier momento y puede activar el controlador de señales SIGFPE en aplicaciones de espacio de usuario. Esto afecta a AMD SEV-SNP y AMD SEV-ES. A vulnerability w... • https://bugzilla.redhat.com/show_bug.cgi?id=2270836 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 1%CPEs: 33EXPL: 0

14 May 2024 — Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Errores de seguridad de la memoria presentes en Firefox 125, Firefox ESR 115.10 y Thunderbird 115.10. Algunos de estos errores mostraron evidencia de corrupción de memoria y sup... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1878199%2C1893340 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-416: Use After Free •