Monthly
Modal dialog reentry vulnerability in Foxit PDF Editor and Reader allows local attackers to trigger UI freeze and denial of service by supplying a crafted PDF document with a malicious action chain, requiring user interaction to open the file. The vulnerability stems from improper control flow management in document action handling and results in application unresponsiveness on the main thread. No public exploit code or active exploitation has been identified at the time of analysis.
Insufficient control flow management for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 8.8). No vendor patch available.
Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel(R) Xeon(R) processors may allow a privileged user to potentially enable escalation of. Rated high severity (CVSS 7.0). No vendor patch available.
Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 8.8). No vendor patch available.
A security vulnerability in certain Zoom Clients for iOS (CVSS 6.5) that allows an unauthenticated user. Remediation should follow standard vulnerability management procedures.
Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insufficient control flow management for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow a privileged user to potentially enable information disclosure via adjacent access. Rated medium severity (CVSS 5.8). No vendor patch available.
Insufficient control flow management in the Alias Checking Trusted Module for some Intel(R) Xeon(R) 6 processor E-Cores firmware may allow a privileged user to potentially enable escalation of. Rated high severity (CVSS 8.5). No vendor patch available.
Modal dialog reentry vulnerability in Foxit PDF Editor and Reader allows local attackers to trigger UI freeze and denial of service by supplying a crafted PDF document with a malicious action chain, requiring user interaction to open the file. The vulnerability stems from improper control flow management in document action handling and results in application unresponsiveness on the main thread. No public exploit code or active exploitation has been identified at the time of analysis.
Insufficient control flow management for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Rated high severity (CVSS 8.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 8.8). No vendor patch available.
Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel(R) Xeon(R) processors may allow a privileged user to potentially enable escalation of. Rated high severity (CVSS 7.0). No vendor patch available.
Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 8.8). No vendor patch available.
A security vulnerability in certain Zoom Clients for iOS (CVSS 6.5) that allows an unauthenticated user. Remediation should follow standard vulnerability management procedures.
Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Insufficient control flow management for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow a privileged user to potentially enable information disclosure via adjacent access. Rated medium severity (CVSS 5.8). No vendor patch available.
Insufficient control flow management in the Alias Checking Trusted Module for some Intel(R) Xeon(R) 6 processor E-Cores firmware may allow a privileged user to potentially enable escalation of. Rated high severity (CVSS 8.5). No vendor patch available.