Lucene search
K

128 matches found

NVD
NVD
added 2024/08/13 5:15 p.m.21 views

CVE-2021-46746

Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment TEE may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service...

5.2CVSS0.00154EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/13 4:50 p.m.36 views

CVE-2021-46746

Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment TEE may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service...

5.2CVSS0.00154EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/13 4:50 p.m.14 views

CVE-2021-46746

Lack of stack protection exploit mechanisms in ASP Secure OS Trusted Execution Environment TEE may allow a privileged attacker with access to AMD signing keys to c006Frrupt the return address, causing a stack-based buffer overrun, potentially leading to a denial of service...

5.2CVSS6.9AI score0.00154EPSS
Exploits0References1
CVE
CVE
added 2024/08/13 4:50 p.m.49 views

CVE-2021-46746

CVE-2021-46746 : The AMD ASP/TEE stack protection gap allows a privileged attacker with access to AMD signing keys to corrupt the return address via a stack-based buffer overrun, potentially causing a denial of service. This aligns with AMD’s CVE entry (base score 5.2, local access, high attack c...

5.2CVSS7.2AI score0.00154EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/13 12:0 a.m.4 views

PT-2024-11052 · Amd · Asp Secure Os Trusted Execution Environment

Name of the Vulnerable Software and Affected Versions: ASP Secure OS Trusted Execution Environment TEE affected versions not specified Description: The issue is related to a lack of stack protection exploit mechanisms in the ASP Secure OS Trusted Execution Environment TEE. This may allow a...

5.2CVSS7.2AI score0.00154EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a hit to the stack protection page due to an unbounded recursion that could result from old loop detection...

7.8CVSS6.6AI score0.0032EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/07/12 12:0 a.m.7 views

The vulnerability of the microprogrammed software of the biometric terminals ZkTeco ProFace X, Smartec ST-FR043, and Smartec ST-FR041ME lies in buffer overflow attacks on the glass components, allowing intruders to execute arbitrary codes.

The vulnerability of microprogrammed software in biometric terminals ZkTeco ProFace X, Smartec ST-FR043, and Smartec ST-FR041ME stems from buffer overflows in the stack due to the absence of protection mechanisms like Canary and PIE. Exploiting this vulnerability allows an attacker operating...

10CVSS6.4AI score0.00949EPSS
Exploits0References4
CVE
CVE
added 2024/05/21 1:32 p.m.73 views

CVE-2023-3943

The CVE-2023-3943 entry describes a stack-based buffer overflow affecting ZkTeco-based OEM devices (e.g., ZkTeco ProFace X, Smartec ST-FR043, Smartec ST-FR041ME, and potentially others) with firmware ZAM170-NF-1.8.25-7354-Ver1.0.0 (and similar versions). The root cause is failure to implement pro...

10CVSS9.9AI score0.00949EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/12/27 12:0 a.m.25 views

NewStart CGSL MAIN 6.06 : dhcp Vulnerability (NS-SA-2023-0091)

The remote NewStart CGSL host, running version MAIN 6.06, has dhcp packages installed that are affected by a vulnerability: - In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series are...

7.4CVSS7.3AI score0.06118EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2023/09/21 12:0 a.m.4 views

The vulnerability of the stack protection function in the GNU Compiler Collection (GCC), various programming languages, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the stack protection function in the GNU Compiler Collection GCC for various programming languages is related to a violation of the data protection mechanism. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of t...

4.8CVSS6.4AI score0.00666EPSS
Exploits1References7Affected Software7
Tenable Nessus
Tenable Nessus
added 2023/09/14 12:0 a.m.37 views

AlmaLinux 9 : kernel-rt (ALSA-2023:5091)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5091 advisory. - A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options...

7.8CVSS7.4AI score0.05794EPSS
Exploits5References11
OSV
OSV
added 2023/09/13 9:15 a.m.7 views

CVE-2023-4039

DISPUTEDA failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style...

4.8CVSS5.4AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2023/09/13 5:24 a.m.67 views

CVE-2023-4039

A vulnerability was found in GCC. The GCC's stack protection feature, enabled with the flag -fstack-protector, aims to detect buffer overflows in C/C++ function local variables that might allow an attacker to overwrite saved registers on the stack. If an attacker can modify saved register values,...

6.6AI score0.00666EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2023/09/12 11:7 a.m.40 views

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.8CVSS6.9AI score0.54577EPSS
Exploits6References11
AlmaLinux
AlmaLinux
added 2023/09/12 12:0 a.m.69 views

Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch requests CVE-2023-3390 kernel:...

7.8CVSS7.5AI score0.05794EPSS
Exploits5References22
Positive Technologies
Positive Technologies
added 2023/09/12 12:0 a.m.7 views

PT-2023-5294

Name of the Vulnerable Software and Affected Versions GCC versions prior to the fixed version Description A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in an...

4.8CVSS7AI score0.00666EPSS
Exploits1References104
Tenable Nessus
Tenable Nessus
added 2023/07/15 12:0 a.m.36 views

SUSE SLES15: cluster-md-kmp-azure / dlm-kmp-azure / gfs2-kmp-azure / etc (SUSE-SU-2023:2831-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2831-1 advisory. The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes. The following...

7.8CVSS7.2AI score0.01029EPSS
Exploits4References82
OSV
OSV
added 2023/07/14 11:3 a.m.20 views

SUSE-SU-2023:2831-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-1077: Fixed a type confusion in picknextrtentity, that could cause memory corruption bsc1208600. - CVE-2023-1249: Fixed a use-after-free flaw in t...

7.8CVSS8.2AI score0.01029EPSS
Exploits4References66
RedhatCVE
RedhatCVE
added 2023/06/13 1:35 a.m.30 views

CVE-2023-21102

A vulnerability was found in the efirtasmwrapper of the efi-rt-wrapper.S in the Linux kernel, where there is a possible bypass of shadow stack protection due to a logic error in the code. This flaw could lead to local escalation of privilege without additional execution privileges needed...

7.8CVSS7.5AI score0.00189EPSS
Exploits1References4
OSV
OSV
added 2023/05/15 10:15 p.m.7 views

CVE-2023-21102

In efirtasmwrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

7.8CVSS7.6AI score
Exploits0References2
Rows per page
Query Builder