Lucene search
K

1201 matches found

OSV
OSV
added 2019/10/01 9:15 p.m.2 views

DEBIAN-CVE-2019-17075

An issue was discovered in writetptentry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dmamapsingle a DMA function from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used ...

7.5CVSS6.7AI score0.06236EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/10/01 12:0 a.m.13 views

PT-2019-3613 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.3.2 Description: An issue was discovered in the write tpt entry function in drivers/infiniband/hw/cxgb4/mem.c. The cxgb4 driver is directly calling dma map single a DMA function from a stack variable. This coul...

10CVSS7.8AI score0.72105EPSS
Exploits146References919
Schneier on Security
Schneier on Security
added 2019/09/16 11:39 a.m.29 views

Another Side Channel in Intel Chips

Not that serious, but interesting: In late 2011, Intel introduced a performance enhancement to its line of server processors that allowed network cards and other peripherals to connect directly to a CPU's last-level cache, rather than following the standard and significantly longer path through t...

2.6AI score
Exploits0
ThreatPost
ThreatPost
added 2019/09/11 2:24 p.m.139 views

Intel CPUs Vulnerable to Sensitive Data Leakage in NetCAT Attack

Researchers have identified a new side-channel attack impacting all modern Intel server processors made since 2012. The vulnerability could allow bad actors to sniff out encrypted passwords as they are being typed into a secure shell session SSH; but, luckily, such an attack would be difficult to...

2.9CVSS0.1AI score0.00753EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2019/07/05 1:15 a.m.31 views

CVE-2019-13296

ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value...

6.5CVSS6.8AI score0.02131EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2019/07/05 12:50 a.m.38 views

CVE-2019-13296

ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value...

6.5CVSS6.1AI score0.02131EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.18 views

The vulnerability of the xudc_ep_enable handler implementation in Linux kernel allows a hacker to write data into the memory space of the operating system.

The vulnerability in the implementation of the xudcepenable handler of the loaded module in the drivers/usb/gadget/udc/udc-xilinx.ko kernel of the Linux operating system arises due to an out-of-bounds array access. Exploiting this vulnerability allows an attacker to write data into an unauthorize...

6.2CVSS5.5AI score
Exploits0Affected Software1
The Hacker News
The Hacker News
added 2019/02/27 12:9 p.m.1 views

New Flaws Re-Enable DMA Attacks On Wide Range of Modern Computers

Security researchers have discovered a new class of security vulnerabilities that impacts all major operating systems, including Microsoft Windows, Apple macOS, Linux, and FreeBSD, allowing attackers to bypass protection mechanisms introduced to defend against DMA attacks. Known for years, Direct...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2018/10/05 2:0 p.m.27 views

CVE-2018-15383 Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability

A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service DoS...

7.6AI score0.02492EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2018/10/03 12:0 a.m.6 views

PT-2018-1852 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the cryptographic hardware accelerator driver could all...

7.8CVSS7.5AI score0.02492EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2018/06/29 4:59 p.m.2 views

RAMpage Attack Explained—Exploiting RowHammer On Android Again!

A team of security researchers has discovered a new set of techniques that could allow hackers to bypass all kind of present mitigations put in place to prevent DMA-based Rowhammer attacks against Android devices. Dubbed RAMpage , the new technique CVE-2018-9442 could re-enable an unprivileged...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2018/05/11 8:19 a.m.84 views

New Rowhammer Attack Can Hijack Computers Remotely Over the Network

Exploitation of Rowhammer attack just got easier. Dubbed 'Throwhammer,' the newly discovered technique could allow attackers to launch Rowhammer attack on the targeted systems just by sending specially crafted packets to the vulnerable network cards over the local area network. Known since 2012,...

1.3AI score
Exploits0
OSV
OSV
added 2018/05/10 1:29 p.m.5 views

CVE-2018-8914

SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter...

9.8CVSS6.1AI score0.01311EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2018/04/24 12:35 p.m.3 views

Nintendo Switches Hacked to Run Linux—Unpatchable Exploit Released

Two separate teams of security researchers have published working proof-of-concept exploits for an unpatchable vulnerability in Nvidia's Tegra line of embedded processors that comes on all currently available Nintendo Switch consoles. Dubbed Fusée Gelée and ShofEL2, the exploits lead to a coldboo...

8.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2018/04/17 4:24 p.m.5 views

kernel: Incorrect type conversion for size during dma allocation

A flaw was found where the kernel truncated the value used to indicate the size of a buffer which it would later become zero using an untruncated value. This can corrupt memory outside of the original allocation...

9.3CVSS7.3AI score0.01231EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/04/17 3:29 p.m.5 views

kernel: Incorrect type conversion for size during dma allocation

A flaw was found where the kernel truncated the value used to indicate the size of a buffer which it would later become zero using an untruncated value. This can corrupt memory outside of the original allocation...

9.3CVSS7.3AI score0.01231EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/04/10 3:23 p.m.6 views

kernel: Incorrect type conversion for size during dma allocation

A flaw was found where the kernel truncated the value used to indicate the size of a buffer which it would later become zero using an untruncated value. This can corrupt memory outside of the original allocation...

9.3CVSS7.3AI score0.01231EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/04/10 9:1 a.m.4 views

kernel: Incorrect type conversion for size during dma allocation

A flaw was found where the kernel truncated the value used to indicate the size of a buffer which it would later become zero using an untruncated value. This can corrupt memory outside of the original allocation...

9.3CVSS7.3AI score0.01231EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/03/12 3:3 p.m.5 views

kernel: rds_message_alloc_sgs() function doesn't validate value used during DMA page allocation causes heap out-of-bounds write

In the Linux kernel through 4.14.13, the rdsmessageallocsgs function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write related to the rdsrdmaextrasize function in 'net/rds/rdma.c' and thus to a system panic. Due to the nature of the fla...

7.8CVSS6.7AI score0.00425EPSS
Exploits0References4
0day.today
0day.today
added 2017/12/20 12:0 a.m.21 views

TeamViewer 11 < 13 (Windows 10 x86) - Inline Hooking / Direct Memory Modification Permission Chan

Exploit for windows platform in category local exploits --- A proof of concept injectable C++ DLL, that uses naked inline hooking and direct memory modification to change TeamViewer permissions. Features As the Server - Enables extra menu item options on the right side pop-up menu. Most useful so...

7.2AI score
Exploits0
Rows per page
Query Builder