Lucene search
K

507 matches found

OSV
OSV
added 2019/11/12 7:15 p.m.33 views

CVE-2019-1370

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'...

5.5CVSS6.2AI score0.01538EPSS
Exploits0References1
Prion
Prion
added 2019/11/12 7:15 p.m.15 views

Information disclosure

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'...

2.1CVSS5.2AI score0.01538EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/12 6:52 p.m.48 views

CVE-2019-1370

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'...

5.2AI score0.01538EPSS
Exploits0References1
CVE
CVE
added 2019/11/12 6:52 p.m.73 views

CVE-2019-1370

CVE-2019-1370 is an information-disclosure vulnerability in affected Open Enclave SDK versions caused by improper handling of objects in memory. The issue allows an attacker who has compromised the host application running the enclave to access sensitive information stored in the enclave. Microso...

5.5CVSS5.1AI score0.01538EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2019/11/12 8:0 a.m.28 views

Open Enclave SDK Information Disclosure Vulnerability

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information stored in the Enclave. To exploit this vulnerability, an attacker would have to successful...

7CVSS1.4AI score0.01538EPSS
Exploits0
Symantec
Symantec
added 2019/11/12 12:0 a.m.34 views

Microsoft Open Enclave SDK CVE-2019-1370 Information Disclosure Vulnerability

Description Microsoft Open Enclave SDK is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Open Enclave SDK Recommendations Permit local access for trusted individual...

0.5AI score0.01538EPSS
Exploits0
Kaspersky
Kaspersky
added 2019/11/12 12:0 a.m.37 views

KLA11607 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Visual Studio can be exploited remotely ...

6.5CVSS6.3AI score0.03116EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2019/11/04 12:0 a.m.3 views

The vulnerability of the Open Enclave SDK, a software development tool, is related to an error in object processing in memory, which allows a hacker to disclose sensitive information that is protected by this security measure.

The vulnerability of the Open Enclave SDK software development tools is related to an object handling error in memory. Exploiting this vulnerability can allow a remote attacker to gain access to protected information...

7.8CVSS5.5AI score0.01976EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2019/10/10 2:15 p.m.18 views

CVE-2019-1369

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'...

5.5CVSS5.1AI score0.01976EPSS
Exploits0References1
OSV
OSV
added 2019/10/10 2:15 p.m.27 views

CVE-2019-1369

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'...

5.5CVSS6.2AI score0.01976EPSS
Exploits0References1
Prion
Prion
added 2019/10/10 2:15 p.m.17 views

Information disclosure

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'...

2.1CVSS5.3AI score0.01976EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/10/10 1:28 p.m.19 views

CVE-2019-1369

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'...

5.4AI score0.01976EPSS
Exploits0References1
CVE
CVE
added 2019/10/10 1:28 p.m.77 views

CVE-2019-1369

Summary: CVE-2019-1369 is an information-disclosure vulnerability in Microsoft Open Enclave SDK. The issue arises when affected Open Enclave SDK versions improperly handle objects in memory, enabling an attacker to obtain information stored in the Enclave. The Red Hat/NVD/OSV/MSRC entries corrobo...

5.5CVSS5.2AI score0.01976EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2019/10/10 12:0 a.m.4 views

Microsoft Open Enclave SDK Information Disclosure Vulnerability (CNVD-2019-35568)

Microsoft Open Enclave SDK is a Microsoft SDK Software Development Kit for building secure zone applications in C and C ++. An information disclosure vulnerability exists in the Microsoft Open Enclave SDK that stems from the program failing to properly handle objects in memory, which can be...

5.5CVSS6.1AI score0.01976EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2019/10/08 10:24 a.m.80 views

New Unpatchable iPhone Exploit Allows Jailbreaking

A new iOS exploit allows jailbreaking of pretty much all version of the iPhone. This is a huge deal for Apple, but at least it doesn't allow someone to remotely hack people's phones. Some details: I wanted to learn how Checkm8 will shape the iPhone experience­ -- particularly as it relates to...

1.1AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/10/08 7:0 a.m.29 views

Open Enclave SDK Information Disclosure Vulnerability

An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information stored in the Enclave. To exploit this vulnerability, an attacker would have to successful...

5.5CVSS1.4AI score0.01976EPSS
Exploits0
Kaspersky
Kaspersky
added 2019/10/08 12:0 a.m.36 views

KLA11575 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Azure Stack can be exploited remote...

10CVSS8AI score0.17833EPSS
Exploits0References6
Symantec
Symantec
added 2019/10/08 12:0 a.m.83 views

Microsoft Open Enclave SDK CVE-2019-1369 Information Disclosure Vulnerability

Description Microsoft Open Enclave SDK is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Open Enclave SDK Recommendations Run all software as a nonprivileged user...

0.3AI score0.01976EPSS
Exploits0
Schneier on Security
Schneier on Security
added 2019/08/30 11:18 a.m.50 views

Attacking the Intel Secure Enclave

Interesting paper by Michael Schwarz, Samuel Weiser, Daniel Gruss. The upshot is that both Intel and AMD have assumed that trusted enclaves will run only trustworthy code. Of course, that's not true. And there are no security mechanisms that can deal with malicious enclaves, because the designers...

1.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/04/19 12:0 a.m.6 views

The vulnerability of the Open Enclave SDK, a software development tool, is related to an error in object processing in memory, which allows a hacker to disclose sensitive information that is protected by this security measure.

The vulnerability of the Open Enclave SDK software development tools is related to an object handling error in memory. Exploiting this vulnerability can allow a remote attacker to gain access to protected information...

5.9CVSS6.5AI score0.0156EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder