Lucene search
K

324 matches found

OSV
OSV
added 2021/11/16 6:15 p.m.5 views

CVE-2021-26326

Failure to validate VMHSAVEPA during SNPINIT may result in a loss of memory integrity...

7.8CVSS7.1AI score0.00253EPSS
Exploits0References1
NVD
NVD
added 2021/11/16 6:15 p.m.21 views

CVE-2021-26326

Failure to validate VMHSAVEPA during SNPINIT may result in a loss of memory integrity...

7.8CVSS0.00253EPSS
Exploits0References1
Prion
Prion
added 2021/11/16 6:15 p.m.20 views

Authorization

Failure to validate VMHSAVEPA during SNPINIT may result in a loss of memory integrity...

7.2CVSS7.5AI score0.00253EPSS
Exploits0References1Affected Software20
CVE
CVE
added 2021/11/16 6:14 p.m.55 views

CVE-2021-26323

CVE-2021-26323 relates to an input validation failure in AMD SNP/SEV handling. The issue is described as: failure to validate SEV Commands while SNP is active may impact memory integrity. Affected technology includes AMD Secure Processor components with SEV/SNP, impacting memory integrity (CVE se...

7.8CVSS7.5AI score0.00238EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/16 6:14 p.m.22 views

CVE-2021-26323

Failure to validate SEV Commands while SNP is active may result in a potential impact to memory integrity...

7.8AI score0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/11/16 5:52 p.m.24 views

CVE-2021-26326

Failure to validate VMHSAVEPA during SNPINIT may result in a loss of memory integrity...

7.8AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2021/11/16 5:52 p.m.47 views

CVE-2021-26326

CVE-2021-26326 describes a failure to validate VM_HSAVE_PA during SNP_INIT that can compromise memory integrity on AMD platforms. Public details in connected sources indicate the vulnerability affects AMD 3rd Gen EPYC processors (Milan) per the AMD Server Vulnerabilities bulletin AMD-SB-1021, wit...

7.8CVSS7.5AI score0.00253EPSS
Exploits0References1Affected Software1
Malwarebytes
Malwarebytes
added 2021/10/05 9:0 a.m.37 views

Windows 11 is out. Is it any good for security?

Windows 11, the latest operating system OS from Microsoft, launches today, and organizations have begun asking themselves when and if they should upgrade from Windows 10 or older versions. The requirements and considerations of each organization will be different, and many things will inform the...

6.8AI score
Exploits0
OSV
OSV
added 2021/04/02 6:15 p.m.1 views

CVE-2020-27949

This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may cause unexpected changes in memory belonging to processes traced by DTrace...

5.5CVSS6.7AI score0.00977EPSS
Exploits2References1
CNVD
CNVD
added 2021/03/05 12:0 a.m.5 views

grub2 authorization issue vulnerability

grub2 is a Linux system boot program from the GNU community. A security vulnerability in versions of grub2 prior to 2.06, where the cutmem command does not support secure boot locking, allows a privileged attacker to remove address ranges from memory, thus giving the opportunity to bypass secure...

7.5CVSS6.8AI score0.0039EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2021/01/11 4:23 p.m.72 views

New Surface PCs enable virtualization-based security (VBS) by default to empower customers to do more, securely

VBS and HVCI-enabled devices help protect from advanced attacks Escalation of privilege attacks are a malicious actor’s best friend, and they often target sensitive information stored in memory. These kinds of attacks can turn a minor user mode compromise into a full compromise of your OS and...

7.1AI score
Exploits0
OSV
OSV
added 2020/09/30 7:15 p.m.7 views

CVE-2020-14375

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhostcrypto has validate...

7.8CVSS8.4AI score
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2017/09/15 12:0 a.m.6 views

The vulnerability in the Bluetooth Network Encapsulation Protocol (BNEP) operating system’s profile allows a intruder to execute arbitrary code within the context of a privileged process.

The vulnerability in the Bluetooth Network Encapsulation Protocol BNEP service of the Android operating system lies in the loss of a whole bit. Exploiting this vulnerability allows an attacker to compromise the integrity of memory and gain full control over the device...

7.9CVSS7.8AI score0.02099EPSS
Exploits2References12Affected Software1
Lenovo
Lenovo
added 2016/07/22 12:0 a.m.71 views

Row Hammer Privilege Escalation

Lenovo Security Advisory: LEN-2015-009 Potential Impact: Escalation of Privilege Severity: Medium Summary: The Passgate issue aka “Row Hammer” is an inherent design/process limitation in memory for sub 40nm technology such as DDR3/DDR3L/LPDDR2/LPDDR3/GDDR5 that can cause errors in rows of memory...

6.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.8 views

The vulnerability of the Adobe AIR software platform allows a perpetrator to execute arbitrary code or cause service failures.

The vulnerability of the Adobe AIR software platform is related to memory integrity violations. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...

10CVSS6AI score0.05307EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.7 views

The vulnerability of the QEMU hardware emulation software allows a malicious actor to trigger a failure in the host operating system’s maintenance or execute arbitrary code.

The QEMU software contains a vulnerability related to buffer overflows when the virtionethandlemac function is called to update the MAC address table of the guest operating system. This allows the user of the guest operating system to compromise the integrity of the dynamic memory of the host...

4.9CVSS7.2AI score0.00711EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/06/15 12:0 a.m.6 views

The vulnerability of the Flash Player software platform, which allows a perpetrator to execute arbitrary code or cause service failures

The vulnerability of the Flash Player software is related to a breach of memory integrity. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code or cause service failures...

10CVSS8.2AI score0.05975EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/06/15 12:0 a.m.5 views

The vulnerability of the Flash Player software platform, which allows a perpetrator to execute arbitrary code or cause service failures

The vulnerability of the Flash Player software is related to a breach of memory integrity. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code or cause service failures...

10CVSS8.4AI score0.05511EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/06/15 12:0 a.m.6 views

The vulnerability of the Flash Player software platform, which allows a perpetrator to execute arbitrary code or cause service failures

The vulnerability of the Flash Player software is related to a breach of memory integrity. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code or cause service failures...

10CVSS8.2AI score0.7983EPSS
Exploits6References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/06/15 12:0 a.m.4 views

The vulnerability of the Flash Player software platform, which allows a perpetrator to execute arbitrary code or cause service failures

The vulnerability of the Flash Player software is related to a breach of memory integrity. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code or cause service failures...

10CVSS8.4AI score0.05511EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder