Lucene search
K

67 matches found

ATTACKERKB
ATTACKERKB
added 2023/03/01 8:15 a.m.1 views

CVE-2022-27672

When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure...

4.7CVSS5.8AI score0.00289EPSS
Exploits0References3
OSV
OSV
added 2023/03/01 8:15 a.m.27 views

CVE-2022-27672

When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure...

4.7CVSS5.8AI score
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/16 3:3 a.m.3 views

SUSE CVE-2022-27672

When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure...

5.6CVSS6.3AI score0.00289EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.4 views

SUSE CVE-2009-2910

arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x8664 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode...

2.1CVSS6.2AI score0.00414EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:8 a.m.4 views

SUSE CVE-2016-1548

An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimat...

7.2CVSS8.8AI score0.03844EPSS
Exploits3References13
RedHat Linux
RedHat Linux
added 2022/05/10 1:58 p.m.1 views

hw: cpu: intel: Branch History Injection (BHI)

A flaw was found in hw. The Branch History Injection BHI describes a specific form of intra-mode BTI. This flaw allows an unprivileged attacker to manipulate the branch history before transitioning to supervisor or VMX root mode. This issue is an effort to cause an indirect branch predictor to...

6.5CVSS6.8AI score0.00508EPSS
Exploits0References7
ICS
ICS
added 2022/03/31 12:0 a.m.101 views

Rockwell Automation Logix Controllers

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: Logix Controllers Vulnerability: Inclusion of Functionality from Untrusted Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...

10CVSS8.7AI score0.05013EPSS
Exploits0References5
Patchstack
Patchstack
added 2022/03/30 12:0 a.m.14 views

WordPress Curtain plugin <= 1.0.1 - Unauthenticated Maintenance Mode Switch vulnerability

Unauthenticated Maintenance Mode Switch vulnerability discovered by Hassan Khan Yusufzai Splint3r7 in WordPress Curtain plugin versions = 1.0.1. Solution Update the WordPress Curtain plugin to the latest available version at least 1.0.2...

2.1AI score
Exploits0References2Affected Software1
OSV
OSV
added 2021/12/21 9:9 a.m.10 views

ALBA-2021:5233 gnome-shell-extensions bug fix and enhancement update

GNOME Shell extensions allow for modifying the default GNOME Shell interface and its parts, such as window management and application launching. Bug Fixes and Enhancements: Disable unfullscreen gesture or a function to switch between normal mode and fullscreen mode BZ2009192 Desktop icons extensi...

7.1AI score
Exploits0
OSV
OSV
added 2021/05/31 3:39 p.m.15 views

GSD-2021-1000098 usb: dwc3: core: Do core softreset when switch mode

usb: dwc3: core: Do core softreset when switch mode This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11.20 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/04/15 12:0 a.m.5 views

PT-2021-8277 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the usb: dwc3: core: Do core softreset when switch mode in the Linux kernel. According to the programming guide, to switch mode for DRD controller, the driver...

7.8CVSS6.5AI score0.08555EPSS
Exploits5References450
BDU FSTEC
BDU FSTEC
added 2021/02/23 12:0 a.m.7 views

The vulnerability of Intel Graphics Driver drivers is related to errors in handling the kernel mode switch, which allows attackers to exploit their privileges.

The vulnerability of Intel Graphics Driver drivers is related to errors in handling the kernel mode switch. Exploiting this vulnerability can allow an attacker to gain increased privileges...

8.8CVSS7.2AI score0.00264EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2020/06/22 12:28 p.m.6 views

expat: heap-based buffer over-read via crafted XML input

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber then resulted in a heap-based buffer over-read...

7.5CVSS6.9AI score0.06643EPSS
Exploits1References4
OSV
OSV
added 2019/11/18 6:15 p.m.3 views

CVE-2019-5688

NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool prior to 2019-11, NVIDIA kernel mode driver nvflash.sys, nvflsh32.sys, and nvflsh64.sys contains a vulnerability in which authenticated users with administrative privileges can gain access to device memory and registers of oth...

6.7CVSS6.7AI score0.00367EPSS
Exploits0References1
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/08/10 5:19 a.m.1910 views

ZTE MF910 – An end of life router, running lots of vivacious hidden code

You might be here because you saw our talk at Defcon 27. You might want to watch that for the full rundown! The ZTE MF910 is a really interesting router for reversing, mainly because it’s full of nice debug calls, and underused functionality. Also, it’s never going to get patched, and it’s really...

7.5CVSS9AI score0.02945EPSS
Exploits0
Prion
Prion
added 2019/07/31 6:15 p.m.20 views

Buffer overflow

A vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco Nexus 9000 Series Application Centric Infrastructure ACI Mode Switch Software could allow an adjacent, unauthenticated attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges. T...

8.3CVSS9AI score0.01073EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/07/04 8:0 p.m.93 views

CVE-2019-1890

CVE-2019-1890 affects Cisco Nexus 9000 Series Fabric Switches in ACI mode. The issue lies in the LLDP setup during infrastructure VLAN formation, where insufficient security requirements allow an unauthenticated, adjacent attacker to bypass validations and connect an unauthorized server to the in...

7.4CVSS6.6AI score0.00633EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/05/03 5:29 p.m.16 views

CVE-2019-1803

A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure ACI Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. The vulnerability is...

7.8CVSS7.2AI score0.00318EPSS
Exploits0References1
CVE
CVE
added 2019/05/03 4:20 p.m.59 views

CVE-2019-1803

CVE-2019-1803 concerns Cisco Nexus 9000 Series in ACI Mode Switch Software. A local, authenticated administrator can exploit overly permissive permissions on specific system files to execute arbitrary OS commands as root. Exploitation requires valid credentials and crafting a command string to be...

7.8CVSS7.2AI score0.00318EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/05/03 3:29 p.m.2 views

CVE-2019-1592

A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure ACI Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. The vulnerability is due to insufficient...

7.8CVSS6AI score
Exploits0References1
Rows per page
Query Builder