Lucene search
K

62 matches found

FreeBSD Advisory
FreeBSD Advisory
added 2019/05/14 12:0 a.m.17 views

FreeBSD-SA-19:07.mds

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:07.mds Security Advisory The FreeBSD Project Topic: Microarchitectural Data Sampling MDS Category: core Module: kernel Announced: 2019-05-14 Credits: Refer t...

5.9CVSS6.9AI score0.01553EPSS
Exploits0
ThreatPost
ThreatPost
added 2019/03/25 5:40 p.m.111 views

Some ASUS Updates Drop Backdoors on PCs in 'Operation ShadowHammer'

A supply-chain attack dubbed “Operation ShadowHammer” has been uncovered, targeting users of the ASUS Live Update Utility with a backdoor injection. The China-backed BARIUM APT is suspected to be at the helm of the project. According to Kaspersky Lab, the campaign ran from June to at least Novemb...

0.4AI score
Exploits0References7
CNVD
CNVD
added 2018/10/12 12:0 a.m.3 views

Intel NUC FW kits input validation error vulnerability

Intel NUC FW kits is a mini-desktop from Intel Corporation USA.BIOS update utility is one of the BIOS update utilities. An input validation error vulnerability exists in Intel NUC FW kits. An attacker could exploit this vulnerability to cause a denial of service or information disclosure...

6CVSS6.7AI score0.00329EPSS
Exploits0References1
CVE
CVE
added 2018/10/10 6:0 p.m.36 views

CVE-2018-12158

The CVE-2018-12158 issue affects Intel NUC Firmware Kits’ BIOS update utility. Insufficient input validation in the BIOS update executable for kits downloaded before May 24, 2018 could allow a local, privileged user to trigger a denial of service or information disclosure. Affected devices are In...

6CVSS5.7AI score0.00329EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/04/04 12:0 a.m.5 views

Gigabyte BRIX Mini PCs are vulnerable to firmware update validation flaws

GIGABYTE is a professional motherboard manufacturer in Taiwan. GB-BSi7H-6500 and GB-BXi7-5775 are GIGABYTE Brix small computers, similar to Intel NUCs. UEFI, or Unified Extensible Firmware Interface, is a standard that describes the type of interface in detail. UEFI, or Unified Extensible Firmwar...

10CVSS7.5AI score0.05641EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2016/02/04 12:0 a.m.48 views

Intel Driver Update Utility 2.x < 2.4 Cleartext Download MitM

The version of the Intel Driver Update Utility installed on the remote host is 2.x prior to 2.4. It is, therefore, affected by a man-in-the-middle vulnerability due to the transmission of driver updates in cleartext. A man-in-the-middle attacker can exploit this to disclose or manipulate data,...

7.6CVSS7.6AI score0.01248EPSS
Exploits1References3
NVD
NVD
added 2016/01/29 8:59 p.m.13 views

CVE-2016-1493

Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...

7.6CVSS7.6AI score0.01248EPSS
Exploits1References5
Prion
Prion
added 2016/01/29 8:59 p.m.19 views

Code injection

Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...

7.6CVSS7.8AI score0.01248EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2016/01/29 8:0 p.m.18 views

CVE-2016-1493

Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted file...

7.6AI score0.01248EPSS
Exploits1References5
CVE
CVE
added 2016/01/29 8:0 p.m.54 views

CVE-2016-1493

Intel Driver Update Utility (IDUU) prior to version 2.4 is affected by a Man-in-the-Middle vulnerability due to cleartext transmission of driver updates, enabling potential data disclosure, integrity corruption, and possibly code execution via crafted updates. Affected product.version: IDUU 2.x b...

7.6CVSS7.6AI score0.01248EPSS
Exploits1References5Affected Software1
Packet Storm
Packet Storm
added 2016/01/19 12:0 a.m.97 views

Intel Driver Update Utility 2.2.0.5 Man-In-The-Middle

Advisory Information Title: Intel Driver Update Utility MiTM Advisory ID: CORE-2016-0001 Advisory URL: http://www.coresecurity.com/advisories/intel-driver-update-utility-mitm Date published: 2016-01-19 Date of last update: 2016-01-14 Vendors contacted: Intel Release mode: Coordinated release 2...

7.6CVSS0.1AI score0.01248EPSS
Exploits1
Intel
Intel
added 2016/01/19 12:0 a.m.9 views

Potential vulnerability in the Intel® Driver Update Utility

Summary: This update to the Intel® Driver Update Utility mitigates the use of a non-SSL URL. Intel has released a new version of the software that provides mitigation of this issue. Description: Intel® Driver Update Utility analyzes Intel-product drivers on your computer and lets you know if driv...

6.9AI score
Exploits0
Prion
Prion
added 2013/01/21 4:55 p.m.15 views

Code injection

The client in Schneider Electric Software Update SESU Utility 1.0.x and 1.1.x does not ensure that updates have a valid origin, which allows man-in-the-middle attackers to spoof updates, and consequently execute arbitrary code, by modifying the data stream on TCP port 80...

9.3CVSS7.5AI score0.02906EPSS
Exploits0References3Affected Software1
Redos
Redos
added 1976/01/01 12:0 a.m.8 views

ROS-2-2475

2.2475 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...

5.4AI score
Exploits0
Redos
Redos
added 1976/01/01 12:0 a.m.10 views

ROS-2-2354

2.2354 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...

5.8AI score
Exploits0
Redos
Redos
added 1976/01/01 12:0 a.m.11 views

ROS-2-2555

2.2555 Notice of Update for RED OS Operating System RU.29926343.02.01-25 OOO “RED SOFT” informs you that the testing process for RED OS 8 has been completed, and the certified distribution of RED OS 8 has been released. If you have questions regarding the purchase of a new installation kit...

5.4AI score
Exploits0
Redos
Redos
added 1976/01/01 12:0 a.m.15 views

ROS-2-2380

2.2380 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...

5.8AI score
Exploits0
Redos
Redos
added 1976/01/01 12:0 a.m.15 views

ROS-2-2353

2.2353 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...

5.8AI score
Exploits0
Redos
Redos
added 1976/01/01 12:0 a.m.8 views

ROS-2-2685

2.2685 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...

5.4AI score
Exploits0
Redos
Redos
added 1976/01/01 12:0 a.m.14 views

ROS-2-2489

2.2489 Notice of Update for RED OS Operating System RU.29926343.02.01-25 REDO SOFT LLC announces that the testing process for RED OS 8 has been completed, and the certified distribution version of RED OS 8 is now available. If you have questions regarding the purchase of a new installation kit...

5.4AI score
Exploits0
Rows per page
Query Builder