Page 58 of 487 results (0.016 seconds)

CVSS: 8.2EPSS: 0%CPEs: 8EXPL: 0

Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Un fallo en el mecanismo de protección de algunos software de Intel(R) PROSet/Wireless WiFi puede permitir que un usuario con privilegios habilite potencialmente una escalada de privilegios mediante acceso local. Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY https://access& • CWE-693: Protection Mechanism Failure •

CVSS: 8.2EPSS: 0%CPEs: 19EXPL: 0

Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Un control de acceso inadecuado para algunos programas Intel(R) PROSet/Wireless WiFi y Killer(TM) WiFi puede permitir que un usuario con privilegios habilite potencialmente una escalada de privilegios mediante acceso local. Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to enable escalation of privilege via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY https://access& • CWE-284: Improper Access Control •

CVSS: 6.7EPSS: 0%CPEs: 18EXPL: 1

A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. Se ha encontrado un fallo en el controlador exFAT del núcleo de Linux. La vulnerabilidad se encuentra en la implementación de la función de reconstrucción de nombres de archivo, que se encarga de leer entradas de nombres de archivo de un índice de directorio y fusionar partes de nombres de archivo pertenecientes a un archivo en un único nombre de archivo largo. • https://access.redhat.com/errata/RHSA-2023:6583 https://access.redhat.com/security/cve/CVE-2023-4273 https://bugzilla.redhat.com/show_bug.cgi?id=2221609 https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 0

.NET and Visual Studio Denial of Service Vulnerability An uncontrolled resource consumption vulnerability was found in the Kestrel component of the dotNET. When detecting a potentially malicious client, Kestrel will sometimes fail to disconnect it, resulting in denial of service. Microsoft .NET Core and Visual Studio contain an unspecified vulnerability that allows for denial-of-service (DoS). • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NWVZFKTLNMNKPZ755EMRYIA6GHFOWGKY https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180 https://access.redhat.com/security/cve/CVE-2023-38180 https://bugzilla.redhat.com/show_bug.cgi?id=2228621 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 5.5EPSS: 0%CPEs: 84EXPL: 0

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. Un error de división por cero en algunos procesadores AMD puede potencialmente devolver datos especulativos que resulten en una pérdida de confidencialidad. • http://www.openwall.com/lists/oss-security/2023/09/25/3 http://www.openwall.com/lists/oss-security/2023/09/25/4 http://www.openwall.com/lists/oss-security/2023/09/25/5 http://www.openwall.com/lists/oss-security/2023/09/25/7 http://www.openwall.com/lists/oss-security/2023/09/25/8 http://www.openwall.com/lists/oss-security/2023/09/26/5 http://www.openwall.com/lists/oss-security/2023/09/26/8 http://www.openwall.com/lists/oss-security/2023 • CWE-369: Divide By Zero •