Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. This is a high severity vulnerability as it allows an attacker to view sensitive data. Dell recommends customers to upgrade at the earliest opportunity.

`bhyveload -h <host-path>` may be used to grant loader access to the <host-path> directory tree on the host. Affected versions of bhyveload(8) do not make any attempt to restrict loader's access to <host-path>, allowing the loader to read any file the host user has access to. In the bhyveload(8) model, the host supplies a userboot.so to boot with, but the loader scripts generally come from the guest image. A maliciously crafted script could be used to exfiltrate sensitive data from the host accessible to the user running bhyhveload(8), which is often the system root.

CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service and loss of confidentiality, integrity of controllers when conducting a Man in the Middle attack.

Improper buffer restrictions in Intel(R) Optimization for TensorFlow before version 2.13.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper buffer restrictions in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow a privileged user to potentially enable escalation of privilege via local access.

Improper buffer restrictions in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable information disclosure via local access.

Improper buffer restrictions in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable information disclosure via local access.

Improper buffer restrictions in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow a privileged user to potentially enable escalation of privilege via local access.

Improper buffer restrictions in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable information disclosure via local access.

A hidden interface in Motorola CX2L Router firmware v1.0.1 leaks information regarding the SystemWizardStatus component via sending a crafted request to device_web_ip.