Lucene search
K

507 matches found

CNNVD
CNNVD
added 2020/12/15 12:0 a.m.8 views

Google Asylo Buffer Error Vulnerability

Google Asylo is a framework for developing trusted applications from Google Inc. in the United States. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. A buffer error vulnerability exists in Google Asylo version 0.6.0 and...

5.5CVSS6.3AI score0.00137EPSS
Exploits0References2
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.6 views

Google Asylo Buffer Error Vulnerability

Google Asylo is a framework for developing trusted applications from Google Inc. in the United States. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. Google Asylo version 0.6.0 suffers from a buffer error vulnerability...

5.5CVSS6.5AI score0.00133EPSS
Exploits0References2
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.9 views

Google Asylo Buffer Error Vulnerability

Google Asylo is a framework for developing trusted applications from Google Inc. in the United States. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. A security vulnerability exists in Google Asylo version 0.6.0 and...

5.3CVSS5.9AI score0.00128EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/12/08 5:42 p.m.2 views

hw: Information disclosure issue in Intel SGX via RAPL interface

A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...

5.5CVSS6.7AI score0.00414EPSS
Exploits0References7
NVD
NVD
added 2020/11/30 10:15 p.m.28 views

CVE-2020-29438

Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...

6.5CVSS6.5AI score0.00406EPSS
Exploits1References1
OSV
OSV
added 2020/11/30 10:15 p.m.2 views

CVE-2020-29438

Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...

6.5CVSS5.8AI score0.00406EPSS
Exploits1References1
Prion
Prion
added 2020/11/30 10:15 p.m.17 views

Code injection

Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...

3.3CVSS6.5AI score0.00406EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/11/30 9:24 p.m.27 views

CVE-2020-29438

Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...

6.5AI score0.00406EPSS
Exploits1References1
CVE
CVE
added 2020/11/30 9:24 p.m.59 views

CVE-2020-29438

CVE-2020-29438 affects Tesla Model X key fob firmware prior to 2020-11-23. The vulnerability arises because key fobs accept firmware updates without signature verification, enabling an attacker to craft firmware that retrieves an unlock code from a secure enclave chip. Documents consistently desc...

6.5CVSS6.5AI score0.00406EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2020/11/30 12:0 a.m.10 views

Tesla Model X Data Falsification Issue Vulnerability

Tesla The Tesla Model X is a new energy vehicle from the American company Tesla. Tesla Model X vehicles versions prior to 2020-11-23 suffer from a security vulnerability that stems from having critical fobs that can accept firmware updates without signature verification.This allows an attacker to...

6.5CVSS6.7AI score0.00406EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2020/11/23 7:27 p.m.7 views

hw: Information disclosure issue in Intel SGX via RAPL interface

A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...

5.5CVSS6.7AI score0.00414EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/11/23 6:0 p.m.4 views

hw: Information disclosure issue in Intel SGX via RAPL interface

A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...

5.5CVSS6.7AI score0.00414EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/11/23 5:49 p.m.4 views

hw: Information disclosure issue in Intel SGX via RAPL interface

A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...

5.5CVSS6.7AI score0.00414EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/11/23 5:48 p.m.3 views

hw: Information disclosure issue in Intel SGX via RAPL interface

A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...

5.5CVSS6.7AI score0.00414EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/11/23 5:47 p.m.4 views

hw: Information disclosure issue in Intel SGX via RAPL interface

A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...

5.5CVSS6.7AI score0.00414EPSS
Exploits0References7
NCSC
NCSC
added 2020/11/12 12:0 a.m.5 views

Vulnerabilities in processors fixed

Researchers have found vulnerabilities in several processors. The vulnerabilities marked CVE-2020-8694 and CVE-2020-8695 have been named Platypus, an acronym for Power Leakage Attacks: Targeting Your Protected User Secrets. The vulnerabilities allow a local malicious person to obtain obtain...

5.5CVSS7.4AI score0.00446EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/11/11 10:19 a.m.4 views

hw: Information disclosure issue in Intel SGX via RAPL interface

A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...

5.5CVSS6.7AI score0.00414EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/11/11 9:48 a.m.5 views

hw: Information disclosure issue in Intel SGX via RAPL interface

A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...

5.5CVSS6.7AI score0.00414EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2020/11/10 7:52 p.m.75 views

CVE-2020-8695

A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem. Mitigation Until a firmwar...

5.5CVSS4.1AI score0.00414EPSS
Exploits0References5
CNVD
CNVD
added 2020/10/21 12:0 a.m.2 views

Microsoft Open Enclave SDK Information Disclosure Vulnerability (CNVD-2020-64264)

Microsoft Open Enclave SDK is a Microsoft SDK Software Development Kit for building secure zone applications in C and C ++. A security vulnerability exists in Open Enclave versions prior to 0.12.0 that stems from an information disclosure vulnerability that exists when an Enclave application uses...

6.8CVSS6AI score0.00635EPSS
Exploits0References1
Rows per page
Query Builder