Lucene search
+L

103 matches found

nvd
nvd
added 2020/04/28 8:15 p.m.21 views

CVE-2019-15877

In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory...

5.5CVSS5.5AI score0.00246EPSS
Exploits0References1
osv
osv
added 2020/04/28 8:15 p.m.5 views

CVE-2019-15877

In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory...

5.5CVSS5.8AI score0.00246EPSS
Exploits0References1
cvelist
cvelist
added 2020/04/28 7:11 p.m.26 views

CVE-2019-15877

In FreeBSD 12.1-STABLE before r356606 and 12.1-RELEASE before 12.1-RELEASE-p3, driver specific ioctl command handlers in the ixl network driver failed to check whether the caller has sufficient privileges allowing unprivileged users to trigger updates to the device's non-volatile memory...

5.5AI score0.00246EPSS
Exploits0References1
nessus
nessus
added 2020/03/20 12:0 a.m.35 views

FreeBSD : FreeBSD -- Insufficient ixl(4) ioctl(2) privilege checking (b2b83761-6a09-11ea-92ab-00163e433440)

The driver-specific ioctl2 command handlers in ixl4 failed to check whether the caller has sufficient privileges to perform the corresponding operation. Impact : The ixl4 handler permits unprivileged users to trigger updates to the device's non-volatile memory NVM. C Tenable Network Security, Inc...

5.5CVSS5.7AI score0.00246EPSS
Exploits0References2
freebsd_advisory
freebsd_advisory
added 2020/03/19 12:0 a.m.9 views

FreeBSD-SA-20:06.if_ixl_ioctl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:06.ifixlioctl Security Advisory The FreeBSD Project Topic: Insufficient ixl4 ioctl2 privilege checking Category: core Module: ixl4 Announced: 2020-03-19...

5.5CVSS6.2AI score0.00246EPSS
Exploits0
osv
osv
added 2019/06/18 7:15 p.m.5 views

CVE-2017-8335

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of setting name for wireless network. These values are stored by the device in NVRAM Non-volatile RAM. It seems that the POST parameters passed in thi...

8CVSS6AI score0.02077EPSS
Exploits1References3
cnvd
cnvd
added 2018/11/07 12:0 a.m.4 views

QEMU NVM Express Controller Heap Buffer Overflow Vulnerability

QEMU is a suite of analog processor software developed by French programmer Fabrice Bellard.NVM Express Controller is one of the NVMe Non-Volatile Memory Host Controller Interface Specification controller components. The NVM Express Controller emulation in QEMU suffers from a heap buffer overflow...

7.8CVSS7AI score0.00542EPSS
Exploits0References1
thn
thn
added 2018/09/13 12:27 p.m.64 views

New Cold Boot Attack Unlocks Disk Encryption On Nearly All Modern PCs

Security researchers have revealed a new attack to steal passwords, encryption keys and other sensitive information stored on most modern computers, even those with full disk encryption. The attack is a new variation of a traditional Cold Boot Attack, which is around since 2008 and lets attackers...

0.7AI score
Exploits0
nvd
nvd
added 2017/11/16 10:29 p.m.21 views

CVE-2017-9701

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing OEM unlock/unlock-go fastboot commands data leak may occur, resulting from writing uninitialized stack structure to non-volatile memory...

7.5CVSS7.3AI score0.00412EPSS
Exploits0References1
prion
prion
added 2017/11/16 10:29 p.m.14 views

Design/Logic Flaw

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing OEM unlock/unlock-go fastboot commands data leak may occur, resulting from writing uninitialized stack structure to non-volatile memory...

5CVSS7.2AI score0.00412EPSS
Exploits0References1
cvelist
cvelist
added 2017/11/16 10:0 p.m.21 views

CVE-2017-9701

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing OEM unlock/unlock-go fastboot commands data leak may occur, resulting from writing uninitialized stack structure to non-volatile memory...

7.3AI score0.00412EPSS
Exploits0References1
myhack58
myhack58
added 2017/09/07 12:0 a.m.75 views

Samsung, Huawei and other phone Bootloader was traced to the presence of many high-risk bug-vulnerability warning-the black bar safety net

California University research team to create the main stream mobile platform in the bootloader exists in the code test and the DOS of the security gap. Workshop staff with a BootStomp to create 6 new found cracks, 5 of which division is the manufacturer to confirm. There is also a su XI reported...

7.1CVSS1.3AI score0.00365EPSS
Exploits0
cnvd
cnvd
added 2017/01/10 12:0 a.m.3 views

Intel Ethernet Controller's X710/XL710 Denial of Service Vulnerability

Intel Ethernet Controller X710 and others are Ethernet controllers from Intel Corporation USA. A denial of service vulnerability exists in the Non-Volatile Memory in the Intel Ethernet Controller X710 and XL710 prior to version 5.05. A remote attacker could exploit this vulnerability to cause the...

5.9CVSS6.8AI score0.05129EPSS
Exploits0References1
nvd
nvd
added 2017/01/09 9:59 p.m.14 views

CVE-2016-8106

A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions...

5.9CVSS5.5AI score0.05129EPSS
Exploits0References7
osv
osv
added 2017/01/09 9:59 p.m.4 views

CVE-2016-8106

A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions...

5.9CVSS5.8AI score0.05129EPSS
Exploits0References7
cvelist
cvelist
added 2017/01/09 9:0 p.m.27 views

CVE-2016-8106

A Denial of Service in Intel Ethernet Controller's X710/XL710 with Non-Volatile Memory Images before version 5.05 allows a remote attacker to stop the controller from processing network traffic working under certain network use conditions...

5.5AI score0.05129EPSS
Exploits0References7
cve
cve
added 2017/01/09 9:0 p.m.59 views

CVE-2016-8106

CVE-2016-8106 is discussed in IBM documentation as affecting the IBM QRadar Network Security XGS appliance family, specifically noting a vulnerability in the 40-GbE network interface modules for the XGS 7100. The IBM entry (Security Bulletin: A vulnerability has been discovered in 40-GbE network ...

5.9CVSS5.7AI score0.05129EPSS
Exploits0References7Affected Software1
cnvd
cnvd
added 2016/04/24 12:0 a.m.3 views

Lexmark Printer Sensitive Information Disclosure Vulnerability

Lexmark printer is a printer product. An information disclosure vulnerability exists in the Lexmark printer, where failure to properly handle Erase Printer Memory and Erase Hard Disk operations could allow a local attacker to obtain sensitive information by directly reading non-volatile memory...

4.6CVSS5.9AI score0.00347EPSS
Exploits0References1
osv
osv
added 2016/04/22 12:59 a.m.2 views

CVE-2016-3145

Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on...

4.6CVSS5.8AI score0.00347EPSS
Exploits0References1
prion
prion
added 2016/04/22 12:59 a.m.17 views

Hardcoded credentials

Lexmark printers with firmware ATL before ATL.021.063, CB before CB.021.063, PP before PP.021.063, and YK before YK.021.063 mishandle Erase Printer Memory and Erase Hard Disk actions, which allows physically proximate attackers to obtain sensitive information via direct read operations on...

2.1CVSS6.6AI score0.00347EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder