17 results (0.007 seconds)

CVSS: 8.8EPSS: 0%CPEs: 446EXPL: 1

Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. La secuencia de instrucciones del procesador genera un comportamiento inesperado en Intel(R) Processors que pueden permitir que un usuario autenticado potencialmente habilite la escalada de privilegios y/o la divulgación de información y/o la denegación de servicio a través del acceso local. • https://github.com/Mav3r1ck0x1/CVE-2023-23583-Reptar- http://www.openwall.com/lists/oss-security/2023/11/14/4 http://www.openwall.com/lists/oss-security/2023/11/14/5 http://www.openwall.com/lists/oss-security/2023/11/14/6 http://www.openwall.com/lists/oss-security/2023/11/14/7 http://www.openwall.com/lists/oss-security/2023/11/14/8 http://www.openwall.com/lists/oss-security/2023/11/14/9 https://lists.debian.org/debian-lts-announce/2023/12/ • CWE-1281: Sequence of Processor Instructions Leads to Unexpected Behavior •

CVSS: 7.2EPSS: 0%CPEs: 383EXPL: 0

Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. La inyección de errores no autorizada en Intel(R) SGX o Intel(R) TDX para algunos procesadores Intel(R) Xeon(R) puede permitir que un usuario privilegiado habilite potencialmente la escalada de privilegios a través del acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J https://security.netapp.com/advisory/ntap-20230915-0003 https://www.debian.org/security/2023/dsa-5474 • CWE-1334: Unauthorized Error Injection Can Degrade Hardware Redundancy •

CVSS: 6.0EPSS: 0%CPEs: 414EXPL: 0

Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OL7WI2TJCWSZIQP2RIOLWHOKLM25M44J https://security.netapp.com/advisory/ntap-20230824-0003 https://www.debian.org/security/2023/dsa-5474 • CWE-284: Improper Access Control •

CVSS: 6.5EPSS: 0%CPEs: 1575EXPL: 2

Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. La exposición de información a través del estado microarquitectónico tras la ejecución transitoria en determinadas unidades de ejecución vectorial de algunos procesadores Intel(R) puede permitir a un usuario autenticado la divulgación potencial de información a través del acceso local. A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction (load from memory) to infer stale data from previously used vector registers on the same physical core. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html https://access.redhat.com/solutions/7027704 https://aws.amazon.com/security/security-bulletins/AWS-2023-007 https://downfall.page https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR https://lists.fedoraproject.org • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy CWE-1342: Information Exposure through Microarchitectural State after Transient Execution •

CVSS: 4.4EPSS: 0%CPEs: 2024EXPL: 0

Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. La gestión insuficiente del flujo de control en el firmware de la BIOS para algunos procesadores Intel(R) puede permitir que un usuario con privilegios habilite potencialmente la denegación de servicio mediante acceso local. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html https://security.netapp.com/advisory/ntap-20230824-0001 • CWE-691: Insufficient Control Flow Management •