Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
Improper BIOS initialization in certain ThinkPad models enables local privileged users to modify system data and execute arbitrary code with high integrity impact. The vulnerability requires elevated privileges and local access, posing a risk to organizations where administrative users may be compromised or untrusted. No patch is currently available.
An issue was discovered in LBS in Samsung Mobile Processor Exynos 2200. There was no check for memory initialization within DL NAS Transport messages. [CVSS 7.5 HIGH]
filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point.
Missing checks in certain functions related to RMP initialization can allow a local admin-privileged attacker to cause misidentification of I/O memory, potentially resulting in a loss of guest memory integrity.
Ethernet 800-Series versions up to 2.2.2.0 contain a vulnerability that allows attackers to cause an information disclosure (CVSS 3.3).
In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. [CVSS 2.9 LOW]
Unauthenticated network-based attackers can cause a denial of service on Juniper EX4000-48T, EX4000-48P, and EX4000-48MP switches by sending high-volume traffic that crashes the FXPC component and forces a device restart. The vulnerability stems from improper resource initialization in the Internal Device Manager and results in complete service outage until automatic recovery completes. Affected versions include Junos OS 24.4 before 24.4R2 and 25.2 before 25.2R1, with no patch currently available.
Improper initialization in the PFCP handler function ogs_pfcp_handle_create_pdr within Open5GS up to version 2.7.5 allows remote attackers to trigger information disclosure with high attack complexity. The vulnerability has a publicly available proof-of-concept and carries a very low EPSS score (0.15%), indicating minimal real-world exploitation probability despite public availability of exploit code. CVSS 2.9 reflects the limited technical impact (confidentiality only), and the high complexity and resource requirements make practical attacks difficult.
Improper resource management in firmware of some Solidigm DC Products may allow an attacker with local or physical access to gain unauthorized access to a locked Storage Device or create a Denial of. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.