CVE-2023-49614
https://notcve.org/view.php?id=CVE-2023-49614
Out of bounds write in firmware for some Intel(R) FPGA products before version 2.9.0 may allow escalation of privilege and information disclosure. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01050.html • CWE-787: Out-of-bounds Write •
CVE-2023-45733
https://notcve.org/view.php?id=CVE-2023-45733
Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01051.html • CWE-1298: Hardware Logic Contains Race Conditions •
CVE-2024-21792
https://notcve.org/view.php?id=CVE-2024-21792
Time-of-check Time-of-use race condition in Intel(R) Neural Compressor software before version 2.5.0 may allow an authenticated user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01109.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2024-29510 – Ghostscript Command Execution via Format String
https://notcve.org/view.php?id=CVE-2024-29510
This lack of restriction permits arbitrary format strings with multiple specifiers, potentially leading to data leakage from the stack and memory corruption. • https://github.com/swsmith2391/CVE-2024-29510 https://bugs.ghostscript.com/show_bug.cgi?id=707662 https://codeanlabs.com/blog/research/cve-2024-29510-ghostscript-format-string-exploitation https://www.openwall.com/lists/oss-security/2024/07/03/7 https://access.redhat.com/security/cve/CVE-2024-29510 https://bugzilla.redhat.com/show_bug.cgi?id=2293950 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/fileformat/ghostscript_format_string_cve_2024_29510.rb • CWE-20: Improper Input Validation CWE-693: Protection Mechanism Failure •
CVE-2024-4322 – Path Traversal in parisneo/lollms-webui
https://notcve.org/view.php?id=CVE-2024-4322
Successful exploitation of this vulnerability could allow an attacker to list all folders in the drive on the system, potentially leading to information disclosure. • https://huntr.com/bounties/5116d858-ce00-418c-a5a5-851c5608c209 • CWE-29: Path Traversal: '\..\filename' •