USN-4185-2 linux-azure vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

USN-4185-2: Linux kernel (Azure) vulnerabilities

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

USN-4187-1: Linux kernel vulnerability

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

Ubuntu 16.04 LTS / 18.04 LTS : Intel Microcode update (USN-4182-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4182-1 advisory. Stephan van Schaik, Alyssa Milburn, Sebastian sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Mori...

Ubuntu: Security Advisory (USN-4186-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4182-2 intel-microcode update

USN-4182-2 provided updates for Intel Microcode. This update provides the corresponding update for Ubuntu 14.04 ESM. Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss...

USN-4182-1 intel-microcode update

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

November 12, 2019—KB4523205 (OS Build 17763.864)

November 12, 2019—KB4523205 OS Build 17763.864 Note This release also contains updates for Microsoft HoloLens OS Build 17763.865 released November 12, 2019. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have...

November 12, 2019—KB4525243 (Monthly Rollup)

November 12, 2019—KB4525243 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4520012 released October 15, 2019 and addresses the following issues: Addresses an issue that prevents a 16-bit Visual Basic 3 VB3 application or oth...

Fedora Update for nspr FEDORA-2019-e4c45e113c

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Siemens Cp1604 Uncontrolled Resource Consumption

A vulnerability has been identified in CP1604 All versions V2.8, CP1616 All versions V2.8, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller All versions V4.1.1 Patch 05, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 All versions V4.5.0 Patch 01,...

CVE-2019-8140

An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of the database to transform uploaded JPEG file into a PHP file...

CVE-2019-8140

An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of the database to transform uploaded JPEG file into a PHP file...

Unrestricted file upload

An unrestricted file upload vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated admin user can manipulate the Synchronization feature in the Media File Storage of the database to transform uploaded JPEG file into a PHP file...