Lucene search
K

854 matches found

OSV
OSV
added 2019/10/31 2:15 p.m.2 views

ALPINE-CVE-2019-18424

An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to...

6.8CVSS7AI score0.00497EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/08 12:0 a.m.2 views

Xen Denial of Service Vulnerability (CNVD-2019-34763)

Xen is an open source virtual machine monitor product. Xen suffers from a denial-of-service vulnerability that stems from a page-writable contention condition during the addition of a passed PCI device, which can be exploited by an x86 PV client OS attacker to cause a denial of service or gain...

7.8CVSS8.8AI score0.00259EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/07/10 12:0 a.m.1 views

PT-2019-4891 · Xen +1 · Xen +1

Name of the Vulnerable Software and Affected Versions: Xen versions prior to 4.11.x Description: The issue is caused by synchronization errors when using a shared resource, allowing an attacker to cause a denial of service or gain privileges by leveraging a page-writability race condition during...

9.8CVSS7.8AI score0.16658EPSS
Exploits4References201
BDU FSTEC
BDU FSTEC
added 2019/06/27 12:0 a.m.5 views

The vulnerability of the jsm_probe_one handler implementation in Linux kernels allows a hacker to trigger a service failure.

The vulnerability in the implementation of the jsmprobeone function in the drivers/tty/serial/jsm/jsm.ko kernel of the Linux operating system is caused by a memory leak. Exploiting this vulnerability can allow an attacker to cause a system failure by connecting a Digi International Neo and Classi...

6.2CVSS5.5AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/05/21 12:0 a.m.23 views

Schneider Electric Modicon X80 Peripheral Remote IO Adaptor PRA0100 Detection

Binary data 266.prm...

7.3AI score
Exploits0
ThreatPost
ThreatPost
added 2019/02/27 3:45 p.m.90 views

Thunderclap Flaws Shatter Peripheral Security

UPDATE A set of vulnerabilities collectively dubbed “Thunderclap” is putting computers at risk from weaponized peripheral devices think network cards, storage and graphics cards, and even chargers and video projectors. The flaws reside in the Thunderbolt hardware interface developed by Intel in...

0.2AI score
Exploits0References6
NVD
NVD
added 2018/10/26 1:29 p.m.19 views

CVE-2018-5914

Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660...

7.8CVSS7.7AI score0.00208EPSS
Exploits0References1
Prion
Prion
added 2018/10/26 1:29 p.m.16 views

Input validation

Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660...

7.2CVSS7.7AI score0.00208EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2018/10/09 12:0 a.m.5 views

June 14, 2016 — KB3163017 (OS Build 10240.16942)

June 14, 2016 — KB3163017 OS Build 10240.16942 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, Microsoft Edge, and Windows Explorer. Improved...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/08/16 12:0 a.m.7 views

The vulnerability of the Software Guard eXtensions processor technology allows unauthorized access to data stored in a secure zone.

The vulnerability of the Software Guard eXtensions SGX processor implementation relates to the possibility of speculative execution of instructions. Exploiting this vulnerability can allow an attacker to gain unauthorized access to data protected by SGX, by executing attacks through peripheral...

7.9CVSS7AI score0.06301EPSS
Exploits0References10Affected Software26
BDU FSTEC
BDU FSTEC
added 2018/08/16 12:0 a.m.5 views

Intel processors’ vulnerabilities, related to the possibility of speculative execution commands, allow attackers to gain unauthorized access to the system memory of the operating system or SMM-memory.

The vulnerability of Intel processors lies in the possibility of speculative execution of instructions. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the memory of the operating system’s kernel or SMM memory by executing attacks through peripheral channels tha...

7.1CVSS7AI score0.05577EPSS
Exploits0References13Affected Software25
BDU FSTEC
BDU FSTEC
added 2018/08/16 12:0 a.m.7 views

Intel processors’ vulnerability, related to the possibility of speculative execution commands, allows attackers to circumvent the memory isolation mechanism of virtual machines.

Intel processors’ vulnerabilities are related to the possibility of speculative execution of instructions. Exploiting these vulnerabilities can allow attackers to gain access to the memory of the supervisor or other virtual machines by overcoming the mechanism that isolates virtual machine memory...

7.1CVSS7AI score0.08101EPSS
Exploits0References10Affected Software37
Positive Technologies
Positive Technologies
added 2018/08/12 12:0 a.m.2 views

PT-2023-8981 · Libvirt +9 · Libvirt +9

Name of the Vulnerable Software and Affected Versions: libvirt affected versions not specified Description: A security flaw in libvirt occurs due to repeatedly querying an SR-IOV PCI device's capabilities, exposing a memory leak caused by a failure to free the virPCIVirtualFunction array within t...

6.5CVSS5.8AI score0.02294EPSS
Exploits0References77
OpenVAS
OpenVAS
added 2018/06/27 12:0 a.m.43 views

Microsoft Windows: LPT port redirection (Remote Desktop Services)

This policy setting specifies whether to prevent the redirection of data to client LPT ports during a Remote Desktop Services session. You can use this setting to prevent users from mapping local LPT ports and redirecting data from the remote computer to local LPT port peripherals. By default,...

7.1AI score
Exploits0References2
CNVD
CNVD
added 2017/10/11 12:0 a.m.2 views

Intel SPI Write Protection Local Security Bypass Vulnerability

Intel NUC7i3BNK, etc. are CPU Central Processing Unit products of Intel Corporation USA. A local security bypass vulnerability exists in Intel SPI Write Protection, which can be exploited by a local attacker to bypass certain security restrictions...

8.4CVSS6.8AI score0.00381EPSS
Exploits0References1
OSV
OSV
added 2017/01/12 8:59 p.m.3 views

CVE-2016-8438

Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass Peripheral Image Loader PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR1023638...

9.8CVSS5.8AI score0.02251EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/11/14 8:3 p.m.2 views

Qemu: OOB access in address_space_rw leads to segmentation fault

An out-of-bounds flaw was found in the QEMU emulator built using 'addressspacetranslate' to map an address to a MemoryRegionSection. The flaw could occur while doing pcidmaread/write calls, resulting in an out-of-bounds read-write access error. A privileged user inside a guest could use this flaw...

5.5CVSS7.3AI score0.00402EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/11/14 7:55 p.m.6 views

Qemu: OOB access in address_space_rw leads to segmentation fault

An out-of-bounds flaw was found in the QEMU emulator built using 'addressspacetranslate' to map an address to a MemoryRegionSection. The flaw could occur while doing pcidmaread/write calls, resulting in an out-of-bounds read-write access error. A privileged user inside a guest could use this flaw...

5.5CVSS7.3AI score0.00402EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/11/07 6:14 p.m.2 views

Qemu: OOB access in address_space_rw leads to segmentation fault

An out-of-bounds flaw was found in the QEMU emulator built using 'addressspacetranslate' to map an address to a MemoryRegionSection. The flaw could occur while doing pcidmaread/write calls, resulting in an out-of-bounds read-write access error. A privileged user inside a guest could use this flaw...

5.5CVSS7.3AI score0.00407EPSS
Exploits0References4
Kitploit
Kitploit
added 2016/11/01 2:44 p.m.37 views

GATTacker - BLE (Bluetooth Low Energy) Man-in-the-Middle

A Node.js package for BLE Bluetooth Low Energy security assessment using Man-in-the-Middle and other attacks. Prerequisites see: https://github.com/sandeepmistry/noble https://github.com/sandeepmistry/bleno Install npm install gattacker Usage Configure Running both components Set up variables in...

7.2AI score
Exploits0References4
Rows per page
Query Builder