CVSS: 6.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

12 Feb 2025 — Improper access control in the EDECCSSA user leaf function for some Intel(R) Processors with Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access. Ke Sun, Paul Grosen and Alyssa Milburn discovered that some Intel® Processors did not properly implement Finite State Machines in Hardware Logic. A local privileged attacker could use this issue to cause a denial of service. It was discovered that some Intel® Processors with Intel® SGX did not properly restrict acc... • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01213.html • CWE-284: Improper Access Control •

CVSS: 4.9 • EPSS: 0% • CPEs: 1 • EXPL: 0

12 Feb 2025 — Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service via local access. These are all security issues fixed in the ucode-intel-20250211-1.1 package on the GA media of openSUSE Tumbleweed. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01194.html • CWE-1281: Sequence of Processor Instructions Leads to Unexpected Behavior •

CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

12 Feb 2025 — Improper handling of physical or environmental conditions in some Intel(R) Processors may allow an authenticated user to enable denial of service via local access. These are all security issues fixed in the ucode-intel-20250211-1.1 package on the GA media of openSUSE Tumbleweed. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01228.html • CWE-1384: Improper Handling of Physical or Environmental Conditions •

CVSS: 8.7 • EPSS: 0% • CPEs: 1 • EXPL: 0

12 Feb 2025 — Improper input validation in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html • CWE-20: Improper Input Validation •

CVSS: 10.0 • EPSS: 0% • CPEs: 30 • EXPL: 0

12 Feb 2025 — A flaw was found in the Emacs text editor. Improper handling of custom "man" URI schemes allows attackers to execute arbitrary shell commands by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a ... • https://access.redhat.com/security/cve/CVE-2025-1244 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 4.9 • EPSS: 0% • CPEs: 2 • EXPL: 0

30 Jan 2025 — In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of kernel memory being copied out to userspace. It is possible for an unprivileged userspace program to leak 14 bytes of a kernel heap allocation to userspace. • https://security.freebsd.org/advisories/FreeBSD-SA-25:04.ktrace.asc • CWE-122: Heap-based Buffer Overflow •

CVSS: 9.0 • EPSS: 0% • CPEs: 2 • EXPL: 0

29 Jan 2025 — On 64-bit systems, the implementation of VOP_VPTOFH() in the cd9660, tarfs and ext2fs filesystems overflows the destination FID buffer by 4 bytes, a stack buffer overflow. A NFS server that exports a cd9660, tarfs, or ext2fs file system can be made to panic by mounting and accessing the export with an NFS client. Further exploitation (e.g., bypassing file permission checking or remote kernel code execution) is potentially possible, though this has not been demonstrated. In particular, release kernels are co... • https://security.freebsd.org/advisories/FreeBSD-SA-25:02.fs.asc • CWE-121: Stack-based Buffer Overflow •

CVSS: 6.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

29 Jan 2025 — When etcupdate encounters conflicts while merging files, it saves a version containing conflict markers in /var/db/etcupdate/conflicts. This version does not preserve the mode of the input file, and is world-readable. This applies to files that would normally have restricted visibility, such as /etc/master.passwd. An unprivileged local user may be able to read encrypted root and user passwords from the temporary master.passwd file created in /var/db/etcupdate/conflicts. This is possible only when conflicts ... • https://security.freebsd.org/advisories/FreeBSD-SA-25:03.etcupdate.asc • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 10.0 • EPSS: 3% • CPEs: 16 • EXPL: 2

15 Jan 2025 — A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer. Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker could use this issue to execute arbitrary code. • https://github.com/themirze/cve-2024-12084 • CWE-122: Heap-based Buffer Overflow •

CVSS: 7.8 • EPSS: 0% • CPEs: 41 • EXPL: 0

14 Jan 2025 — A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write m... • https://access.redhat.com/security/cve/CVE-2024-12087 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-35: Path Traversal: '.../ •