324 matches found
CVE-2021-26326
Failure to validate VMHSAVEPA during SNPINIT may result in a loss of memory integrity...
CVE-2021-26326
Failure to validate VMHSAVEPA during SNPINIT may result in a loss of memory integrity...
Authorization
Failure to validate VMHSAVEPA during SNPINIT may result in a loss of memory integrity...
CVE-2021-26323
CVE-2021-26323 relates to an input validation failure in AMD SNP/SEV handling. The issue is described as: failure to validate SEV Commands while SNP is active may impact memory integrity. Affected technology includes AMD Secure Processor components with SEV/SNP, impacting memory integrity (CVE se...
CVE-2021-26323
Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity...
CVE-2021-26326
Failure to validate VMHSAVEPA during SNPINIT may result in a loss of memory integrity...
CVE-2021-26326
CVE-2021-26326 describes a failure to validate VM_HSAVE_PA during SNP_INIT that can compromise memory integrity on AMD platforms. Public details in connected sources indicate the vulnerability affects AMD 3rd Gen EPYC processors (Milan) per the AMD Server Vulnerabilities bulletin AMD-SB-1021, wit...
Windows 11 is out. Is it any good for security?
Windows 11, the latest operating system OS from Microsoft, launches today, and organizations have begun asking themselves when and if they should upgrade from Windows 10 or older versions. The requirements and considerations of each organization will be different, and many things will inform the...
CVE-2020-27949
This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may cause unexpected changes in memory belonging to processes traced by DTrace...
grub2 authorization issue vulnerability
grub2 is a Linux system boot program from the GNU community. A security vulnerability in versions of grub2 prior to 2.06, where the cutmem command does not support secure boot locking, allows a privileged attacker to remove address ranges from memory, thus giving the opportunity to bypass secure...
New Surface PCs enable virtualization-based security (VBS) by default to empower customers to do more, securely
VBS and HVCI-enabled devices help protect from advanced attacks Escalation of privilege attacks are a malicious actor’s best friend, and they often target sensitive information stored in memory. These kinds of attacks can turn a minor user mode compromise into a full compromise of your OS and...
CVE-2020-14375
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhostcrypto has validate...
The vulnerability in the Bluetooth Network Encapsulation Protocol (BNEP) operating system’s profile allows a intruder to execute arbitrary code within the context of a privileged process.
The vulnerability in the Bluetooth Network Encapsulation Protocol BNEP service of the Android operating system lies in the loss of a whole bit. Exploiting this vulnerability allows an attacker to compromise the integrity of memory and gain full control over the device...
Row Hammer Privilege Escalation
Lenovo Security Advisory: LEN-2015-009 Potential Impact: Escalation of Privilege Severity: Medium Summary: The Passgate issue aka “Row Hammer” is an inherent design/process limitation in memory for sub 40nm technology such as DDR3/DDR3L/LPDDR2/LPDDR3/GDDR5 that can cause errors in rows of memory...
The vulnerability of the Adobe AIR software platform allows a perpetrator to execute arbitrary code or cause service failures.
The vulnerability of the Adobe AIR software platform is related to memory integrity violations. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...
The vulnerability of the QEMU hardware emulation software allows a malicious actor to trigger a failure in the host operating system’s maintenance or execute arbitrary code.
The QEMU software contains a vulnerability related to buffer overflows when the virtionethandlemac function is called to update the MAC address table of the guest operating system. This allows the user of the guest operating system to compromise the integrity of the dynamic memory of the host...
The vulnerability of the Flash Player software platform, which allows a perpetrator to execute arbitrary code or cause service failures
The vulnerability of the Flash Player software is related to a breach of memory integrity. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code or cause service failures...
The vulnerability of the Flash Player software platform, which allows a perpetrator to execute arbitrary code or cause service failures
The vulnerability of the Flash Player software is related to a breach of memory integrity. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code or cause service failures...
The vulnerability of the Flash Player software platform, which allows a perpetrator to execute arbitrary code or cause service failures
The vulnerability of the Flash Player software is related to a breach of memory integrity. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code or cause service failures...
The vulnerability of the Flash Player software platform, which allows a perpetrator to execute arbitrary code or cause service failures
The vulnerability of the Flash Player software is related to a breach of memory integrity. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code or cause service failures...