CVSS: 7.1EPSS: 8%CPEs: 20EXPL: 2CVE-2025-26465 – Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled
https://notcve.org/view.php?id=CVE-2025-26465
18 Feb 2025 — A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high. It was discovered that the OpenSSH client incorrectly handled ... • https://github.com/rxerium/CVE-2025-26465 • CWE-390: Detection of Error Condition Without Action •
CVSS: 8.6EPSS: 0%CPEs: 30EXPL: 0CVE-2022-28693 – hw: cpu: Intel: information disclosure via local access
https://notcve.org/view.php?id=CVE-2022-28693
14 Feb 2025 — Unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. A flaw was found in hw. The unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to enable information disclosure via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00707.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-420: Unprotected Alternate Channel •
CVSS: 5.5EPSS: 0%CPEs: 21EXPL: 0CVE-2024-52337 – Tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method
https://notcve.org/view.php?id=CVE-2024-52337
26 Nov 2024 — A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick the administrator. The quotes '' are usually used in TuneD logs citing raw user input, so there will always be the ' character ending the spoofed input, and the administrator can easily overlook this. This logged str... • https://access.redhat.com/errata/RHSA-2024:10381 • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 13EXPL: 0CVE-2024-10963 – Pam: improper hostname interpretation in pam_access leads to access control bypass
https://notcve.org/view.php?id=CVE-2024-10963
07 Nov 2024 — A vulnerability was found in pam_access due to the improper handling of tokens in access.conf, interpreted as hostnames. This flaw allows attackers to bypass access restrictions by spoofing hostnames, undermining configurations designed to limit access to specific TTYs or services. The flaw poses a risk in environments relying on these configurations for local access control. A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability... • https://access.redhat.com/security/cve/CVE-2024-10963 • CWE-287: Improper Authentication •
CVSS: 6.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-23984 – Ubuntu Security Notice USN-7033-1
https://notcve.org/view.php?id=CVE-2024-23984
16 Sep 2024 — Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Avraham Shalev and Nagaraju N Kodalapura discovered that some Intel Xeon processors did not properly restrict access to the memory controller when using Intel SGX. This may allow a local privileged attacker to further escalate their privileges. It was discovered that some 4th and 5th Generation Intel Xeon Processors did not properly implement finite... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html • CWE-203: Observable Discrepancy •
CVSS: 5.6EPSS: 0%CPEs: 15EXPL: 0CVE-2024-24968 – microcode_ctl: Denial of Service
https://notcve.org/view.php?id=CVE-2024-24968
16 Sep 2024 — Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access. A flaw was found in intel Processors. Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to enable a denial of service via local access. Avraham Shalev and Nagaraju N Kodalapura discovered that some Intel Xeon processors did not properly restrict access to the memory controlle... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html • CWE-1245: Improper Finite State Machines (FSMs) in Hardware Logic •
CVSS: 7.3EPSS: 0%CPEs: 16EXPL: 0CVE-2024-24853 – Ubuntu Security Notice USN-6967-1
https://notcve.org/view.php?id=CVE-2024-24853
14 Aug 2024 — Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. It was discovered that some Intel® Coreâ„¢ Ultra Processors did not properly isolate the stream cache. A local authenticated user could potentially use this to escalate their privileges. It was discovered that some Intel® Processors did not properly isolate the stream cache. A local authen... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01083.html • CWE-696: Incorrect Behavior Order •
CVSS: 6.9EPSS: 0%CPEs: 15EXPL: 0CVE-2024-24980 – Ubuntu Security Notice USN-6967-1
https://notcve.org/view.php?id=CVE-2024-24980
14 Aug 2024 — Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. It was discovered that some Intel® Coreâ„¢ Ultra Processors did not properly isolate the stream cache. A local authenticated user could potentially use this to escalate their privileges. It was discovered that some Intel® Processors did not properly isolate the stream cache. A local authenticated user could potentiall... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01100.html • CWE-693: Protection Mechanism Failure •
CVSS: 6.7EPSS: 0%CPEs: 15EXPL: 0CVE-2024-25939 – Ubuntu Security Notice USN-6967-1
https://notcve.org/view.php?id=CVE-2024-25939
14 Aug 2024 — Mirrored regions with different values in 3rd Generation Intel(R) Xeon(R) Scalable Processors may allow a privileged user to potentially enable denial of service via local access. It was discovered that some Intel® Coreâ„¢ Ultra Processors did not properly isolate the stream cache. A local authenticated user could potentially use this to escalate their privileges. It was discovered that some Intel® Processors did not properly isolate the stream cache. A local authenticated user could potentially use ... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01118.html • CWE-1251: Mirrored Regions with Different Values •
CVSS: 10.0EPSS: 0%CPEs: 39EXPL: 0CVE-2024-6345 – Remote Code Execution in pypa/setuptools
https://notcve.org/view.php?id=CVE-2024-6345
15 Jul 2024 — A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0. Una vulnerabilidad en el módulo package_in... • https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0 • CWE-94: Improper Control of Generation of Code ('Code Injection') •