Lucene search
K

89 matches found

Tenable Nessus
Tenable Nessus
added 2022/11/16 12:0 a.m.55 views

Oracle Linux 8 : kernel (ELSA-2022-7683)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7683 advisory. - x86/speculation: Add LFENCE to RSB fill sequence Waiman Long 2115080 CVE-2022-26373 - x86/speculation: Add RSB VM Exit protections Waiman Long 211508...

8.6CVSS7.4AI score0.12746EPSS
Exploits35References27
Tenable Nessus
Tenable Nessus
added 2022/11/09 12:0 a.m.34 views

RHEL 8 : kernel (RHSA-2022:7683)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7683 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: off-path attacker may inject data or...

8.6CVSS7.5AI score0.12746EPSS
Exploits35References169
Information Security Automation
Information Security Automation
added 2022/09/23 10:44 p.m.136 views

Microsoft Patch Tuesday September 2022: CLFS Driver EoP, IP packet causes RCE, Windows DNS Server DoS, Spectre-BHB

Hello everyone! Lets take a look at Microsofts September Patch Tuesday. This time it is quite compact. There were 63 CVEs released on Patch Tuesday day. If we add the vulnerabilities released between August and September Patch Tuesdays as usual, they were in Microsoft Edge, the final number is 90...

1.9CVSS0.9AI score0.75711EPSS
Exploits14
Tenable Nessus
Tenable Nessus
added 2022/09/13 12:0 a.m.67 views

KB5017328: Windows 11 Security Update (September 2022)

The remote Windows host is missing security update 5017328. It is, therefore, affected by multiple vulnerabilities - Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the...

9.8CVSS7.1AI score0.85762EPSS
Exploits7References43
Tenable Nessus
Tenable Nessus
added 2022/09/06 12:0 a.m.47 views

Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-039)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-039 advisory. Amazon Linux has been made aware of a potential Branch Target Injection BTI issue sometimes referred to as Spectre variant 2. This is a known cross-domain transient execution attack where a thi...

8.6CVSS7.5AI score0.88106EPSS
Exploits101References15
Tenable Nessus
Tenable Nessus
added 2022/07/14 12:0 a.m.51 views

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2022-2110)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In aiopollcompletework of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalati...

7.8CVSS6.9AI score0.0155EPSS
Exploits7References19
Tenable Nessus
Tenable Nessus
added 2022/07/08 12:0 a.m.48 views

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1969)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enabl...

7.8CVSS7.3AI score0.02913EPSS
Exploits14References15
Tenable Nessus
Tenable Nessus
added 2022/05/24 12:0 a.m.86 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2022-023 (ALASKERNEL-5.4-2022-023)

The version of kernel installed on the remote host is prior to 5.4.181-99.354. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-023 advisory. AMD recommends using a software mitigation for this issue, which the kernel is enabling by default. The Lin...

9CVSS6.9AI score0.67994EPSS
Exploits2References50
OSV
OSV
added 2022/05/11 11:3 a.m.4 views

OESA-2022-1631 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A NULL pointer dereference flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the systemCVE-2022-1205 A flaw was...

7.8CVSS5.7AI score0.0155EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2022/04/11 12:0 a.m.40 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9274)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9274 advisory. - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address Paolo Bonzini Orabug: 34053807 CVE-2022-1158 - netfilter: nftables: initialize...

7.8CVSS7.6AI score0.05918EPSS
Exploits18References12
Tenable Nessus
Tenable Nessus
added 2022/04/11 12:0 a.m.97 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9273)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9273 advisory. - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address Paolo Bonzini Orabug: 34053807 CVE-2022-1158 - netfilter: nftables: initialize...

7.8CVSS7.6AI score0.05918EPSS
Exploits18References12
Tenable Nessus
Tenable Nessus
added 2022/03/23 12:0 a.m.58 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9245)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9245 advisory. - lib/ioviter: initialize 'flags' in new pipebuffer Max Kellermann Orabug: 33942325 CVE-2022-0847 - arm64: Use the clearbhb instruction in...

9CVSS7.3AI score0.88106EPSS
Exploits122References11
Tenable Nessus
Tenable Nessus
added 2022/03/23 12:0 a.m.48 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9244)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9244 advisory. - lib/ioviter: initialize 'flags' in new pipebuffer Max Kellermann Orabug: 33942325 CVE-2022-0847 - arm64: Use the clearbhb instruction in...

9CVSS7.3AI score0.88106EPSS
Exploits122References11
Mageia
Mageia
added 2022/03/14 4:51 p.m.68 views

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...

9.1CVSS7.3AI score0.04919EPSS
Exploits0References6
Mageia
Mageia
added 2022/03/14 4:51 p.m.70 views

Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.28 and fixes at least the following security issues: Non-transparent sharing of branch predictor selectors between contexts in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...

9.1CVSS7.2AI score0.04919EPSS
Exploits0References7
NVD
NVD
added 2022/03/13 12:15 a.m.23 views

CVE-2022-23960

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...

5.6CVSS0.00495EPSS
Exploits0References5
OSV
OSV
added 2022/03/13 12:15 a.m.41 views

CVE-2022-23960

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...

5.6CVSS4.4AI score
Exploits0References5
Prion
Prion
added 2022/03/13 12:15 a.m.38 views

Design/Logic Flaw

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...

1.9CVSS6.2AI score0.00495EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2022/03/12 11:57 p.m.511 views

CVE-2022-23960

CVE-2022-23960 affects Arm Cortex and Neoverse processors. It is a Spectre-BHB side-channel issue where shared branch history in the Branch History Buffer can influence mispredicted branches, enabling potential information disclosure through cache allocation. Documents note mitigations include de...

5.6CVSS6.4AI score0.00495EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2022/03/12 11:57 p.m.182 views

CVE-2022-23960

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer BHB to influence mispredicted branches. Then, cache allocation can allow the attacker to obtai...

5.6CVSS5.8AI score0.00495EPSS
Exploits0
Rows per page
Query Builder