9731 matches found
Security Notice: CPU Speculative Side Channel Vulnerabilities
NVIDIA's response to CPU speculative side channel vulnerabilities CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 January 3, 2018 This notice is in response to Google Project Zero's publication of novel information disclosure attacks that combine CPU speculative execution with known side channels...
CVE-2017-15316
The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334C00 and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334C00 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application ca...
CVE-2017-15316
The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334C00 and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334C00 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application ca...
Double free
The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334C00 and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334C00 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application ca...
CVE-2017-15316
The GPU driver of Mate 9 Huawei smart phones with software before MHA-AL00B 8.0.0.334C00 and Mate 9 Pro Huawei smart phones with software before LON-AL00B 8.0.0.334C00 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application ca...
CVE-2017-15316
The CVE-2017-15316 issue is a memory double free vulnerability in Huawei’s Mate 9 Mate 9 Pro GPU driver (MHA-AL00B 8.0.0.334(C00) / LON-AL00B 8.0.0.334(C00)). The flaw exists in the Mali GPU driver and can be triggered when a user installs a malicious app calling a specific API, potentially crash...
Intel Content Protection HECI Service - Type Confusion Privilege Escalation Exploit
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1358 Intel Content Protection HECI Service Type Confusion EoP Platform: Tested on Windows 10, service version 9.0.2.117 Class: Elevation of Privilege Summary: The Intel Content...
Intel Content Protection HECI Service - Type Confusion Privilege Escalation
Intel Content Protection HECI Service - Type Confusion Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1358 Intel Content Protection HECI Service Type Confusion EoP Platform: Tested on Windows 10, service version 9.0.2.117 Class: Elevation of Privilege...
Intel Content Protection HECI Service - Type Confusion Privilege Escalation
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1358 Intel Content Protection HECI Service Type Confusion EoP Platform: Tested on Windows 10, service version 9.0.2.117 Class: Elevation of Privilege Summary: The Intel Content Protection HECI Service exposes a DCOM object to all...
Fedora 26 : linux-firmware (2017-a253644369)
Updated bcm 4339 4354 4356 4358 firmware, new bcm 43430 - Fixes CVE-2016-0801 CVE-2017-0561 CVE-2017-9417 ---- - Updated Intel GPU, amdgpu, iwlwifi, mvebu wifi, liquidio, QCom a530 & Venus, mlxsw, qed - Add iwlwifi 9000 series Note that Tenable Network Security has extracted the preceding...
Claymore Dual ETH + DCRSCLBCPASC GPU Miner - Stack Buffer Overflow Path Traversal
Claymore Dual ETH + DCRSCLBCPASC GPU Miner - Stack Buffer Overflow Path Traversal !/usr/bin/env python -- coding: UTF-8 -- github.com/tintinweb optional: pip install pysocks https://pypi.python.org/pypi/PySocks ''' API overview: nc -L -p 3333 "id":0,"jsonrpc":"2.0","method":"minergetstat1"...
How to configure H.265 video VDA encoding for NVIDIA GPUs
Support for H.265 Encoding/Decoding H.265 video encoding on 7.16 VDAs with H.265-compatible NVIDIA GPUs and H.265 video decoding on Citrix Receiver for Windows 4.10 is supported for hardware acceleration of remote graphics and videos...
Claymore Dual ETH + DCR/SC/LBC/PASC GPU Miner - Stack Buffer Overflow / Path Traversal
!/usr/bin/env python -- coding: UTF-8 -- github.com/tintinweb optional: pip install pysocks https://pypi.python.org/pypi/PySocks ''' API overview: nc -L -p 3333 "id":0,"jsonrpc":"2.0","method":"minergetstat1" "id":0,"jsonrpc":"2.0","method":"minerfile","params":"epools.txt",""...
Claymore's Dual Ethereum Miner unauth stack buffer overflow(CVE-2017-16929)
VuNote =================== Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-16929 Version: 0.2 Date: Nov 30th, 2017 Tag: claymore dual ethereum decred crypto currency miner Overview -------- Name: Claymore's Dual ETH + DCR/SC/LBC/PASC GPU Miner Vendor: nanopool/claymore...
Directory traversal
The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathna...
CVE-2017-16929
The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathna...
CVE-2017-16929
The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathna...
CVE-2017-16930
The remote management interface on the Claymore Dual GPU miner 10.1 allows an unauthenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the request handler. This can be exploited via a long API request that is mishandled during logging...
CVE-2017-16929
The CVE-2017-16929 issue affects Claymore’s Dual ETH + DCR/SC/LBC/PASC GPU Miner (version 10.1 and earlier) where the remote management interface allows authenticated path traversal via miner_file/miner_getfile. The vulnerability arises from missing path validation, enabling an attacker to read/w...
CVE-2017-16930
Claymore's Dual ETH miner (GPU) remote management interface in version 10.1 is affected by an unauthenticated stack-based buffer overflow triggered by logging an overly long API request. The vulnerability arises from logging via sprintf into a fixed-size 0x4000-byte buffer, enabling potential rem...