Lucene search
K

41 matches found

Cvelist
Cvelist
added 2025/07/08 4:7 p.m.13 views

CVE-2025-3648 Data Inference in Now Platform via Conditional ACLs

A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list ACL configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer...

8.2CVSS0.01664EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/07/08 4:7 p.m.9 views

CVE-2025-3648 Data Inference in Now Platform via Conditional ACLs

A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list ACL configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer...

8.2CVSS6.9AI score0.01664EPSS
Exploits0References3
CVE
CVE
added 2025/07/08 4:7 p.m.58 views

CVE-2025-3648

The CVE-2025-3648 entry concerns the Now Platform, where data could be inferred without authorization under certain conditional ACL configurations. The vulnerability allows unauthenticated and authenticated users to use range query requests to infer instance data not meant to be accessible. Techn...

8.2CVSS6.3AI score0.01664EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.4 views

AMD Processors 安全漏洞

AMD Processors is a processor from Ultraviolet Semiconductor AMD. AMD Processors suffers from a security vulnerability that stems from the possibility that an attacker could infer previously stored data, potentially leading to the disclosure of privileged information...

5.6CVSS7.5AI score0.00425EPSS
Exploits0References4
Xen Project
Xen Project
added 2024/03/12 5:6 p.m.85 views

x86: Register File Data Sampling

ISSUE DESCRIPTION Intel have disclosed RFDS, Register File Data Sampling, affecting some Atom cores. This came from internal validation work. There is no information provided about how an attacker might go about inferring data from the register files. For more details, see:...

6.5CVSS6.6AI score0.00546EPSS
Exploits0
Xen Project
Xen Project
added 2023/08/08 5:0 p.m.55 views

x86/Intel: Gather Data Sampling

ISSUE DESCRIPTION A researcher has discovered Gather Data Sampling, a transient execution side-channel whereby the AVX GATHER instructions can forward the content of stale vector registers to dependent instructions. The physical register file is a structure competitively shared between sibling...

6.5CVSS6.8AI score0.03882EPSS
Exploits1
NVD
NVD
added 2022/05/11 5:15 p.m.20 views

CVE-2021-46744

An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time...

6.5CVSS0.00328EPSS
Exploits0References2
Prion
Prion
added 2022/05/11 5:15 p.m.20 views

Design/Logic Flaw

An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time...

2.1CVSS6.3AI score0.00328EPSS
Exploits0References2
CVE
CVE
added 2022/05/11 4:40 p.m.112 views

CVE-2021-46744

Technical details about CVE-2021-46744 are not publicly provided in the supplied Connected documents. The initial entry mentions a SEV data-inference risk on AMD SEV guests, but no product/version/root-cause/fix is given here. Monitor for updates.

6.5CVSS6.3AI score0.00328EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/03/09 6:17 p.m.114 views

CVE-2022-25368

CVE-2022-23960 describes Spectre-BHB: an attack on ARM Cortex and Neoverse CPUs that abuse the Branch History Buffer (BHB) to influence mispredicted branches, enabling a cache-related side-channel and potential information disclosure across security contexts. Affected: ARM Cortex and Neoverse pro...

4.7CVSS4.8AI score0.00294EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2018:2108-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS7.5AI score0.00611EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2021/03/20 11:59 p.m.45 views

CVE-2018-12130

A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...

6.2CVSS1.8AI score0.01553EPSS
Exploits0References3
Schneier on Security
Schneier on Security
added 2020/07/09 11:16 a.m.18 views

Traffic Analysis of Home Security Cameras

Interesting research on home security cameras with cloud storage. Basically, attackers can learn very basic information about what's going on in front of the camera, and infer when there is someone home. News article. Slashdot thread...

3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2019/06/11 1:37 p.m.8 views

hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)

A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...

5.9CVSS7AI score0.01553EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/05/14 9:10 p.m.6 views

hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)

A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...

5.9CVSS7AI score0.01553EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/05/14 6:41 p.m.3 views

hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)

A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer...

5.9CVSS7AI score0.01553EPSS
Exploits0References5
OSV
OSV
added 2018/07/27 1:39 p.m.3 views

SUSE-SU-2018:2113-1 Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP1)

This update for the Linux Kernel 3.12.74-606460 fixes several issues. The following security issue was fixed: - CVE-2018-3665: System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially have allowed a local process to infer data fro...

5.6CVSS5.7AI score0.00611EPSS
Exploits0References4
OSV
OSV
added 2018/07/27 1:38 p.m.4 views

SUSE-SU-2018:2105-1 Security update for the Linux Kernel (Live Patch 24 for SLE 12)

This update for the Linux Kernel 3.12.61-5283 fixes several issues. The following security issue was fixed: - CVE-2018-3665: System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially have allowed a local process to infer data from...

5.6CVSS5.7AI score0.00611EPSS
Exploits0References4
OSV
OSV
added 2018/07/27 1:38 p.m.7 views

SUSE-SU-2018:2096-1 Security update for the Linux Kernel (Live Patch 32 for SLE 12)

This update for the Linux Kernel 3.12.61-52122 fixes several issues. The following security issue was fixed: - CVE-2018-3665: System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially have allowed a local process to infer data from...

5.6CVSS5.7AI score0.00611EPSS
Exploits0References4
Prion
Prion
added 2018/06/21 8:29 p.m.28 views

Command injection

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel...

4.7CVSS6.2AI score0.00611EPSS
Exploits0References25Affected Software14
Rows per page
Query Builder