OSV-2020-573 UNKNOWN READ in (__has_construct<std::__1::allocator<unsigned

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14479 Crash type: UNKNOWN READ Crash state: hasconstruct::value, void::t std::1::vector ::vectoruns...

OSV-2020-348 Heap-buffer-overflow in std::__1::vector<std::__1::vector<Sass::SharedImpl<Sass::ComplexSelector>, std::

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15893 Crash type: Heap-buffer-overflow READ 8 Crash state: std::1::vector, std:: Sass::ComplexSelector::resolveparentrefs Sass::SelectorList::resolveparentrefs...

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

An update for microcodectl is now available for Red Hat Enterprise Linux 7.4 Advances Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

The vulnerability of the Windows Error Reporting Manager’s error report dispatcher in Microsoft Windows operating systems allows attackers to exploit their privileges.

The vulnerability of the Windows Error Reporting Manager’s error reporting dashboard in Microsoft Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges by running a specially created application...

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

An update for microcodectl is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 8 : microcode_ctl (RHSA-2020:2757)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2757 advisory. Security Fixes: hw: Special Register Buffer Data Sampling SRBDS CVE-2020-0543 hw: L1D Cache Eviction Sampling CVE-2020-0549 hw: Vector...

CVE-2020-15015

The FileExplorer component in GleamTech FileUltimate 6.1.5.0 allows XSS via an SVG document...

CVE-2020-15015

The FileExplorer component in GleamTech FileUltimate 6.1.5.0 allows XSS via an SVG document...

OSV-2020-65 Heap-use-after-free in std::__1::vector<unsigned long, std::__1::allocator<unsigned long> >::begin

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21908 Crash type: Heap-use-after-free READ 8 Crash state: std::1::vector ::begin perfetto::traceprocessor::TrackTracker::ResolveDescriptorTrack perfetto::traceprocessor::TrackTracker::GetDescriptorTrackImpl...

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

Updated microcodectl packages that fix several security bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

Moderate: Red Hat Security Advisory: microcode_ctl security, bug fix and enhancement update

An update for microcodectl is now available for Red Hat enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Security Bulletin: Multiple vulnerabilities have been identified in IBM Tivoli Netcool/OMNIbus Probe for Network Node Manager i (CVE-2009-3555)

Summary Information about security vulnerabilities affecting IBM Tivoli Netcool/OMNIbus Probe for Network Node Manager i is published in the details below. Vulnerability Details CVEID: CVE-2009-3555 DESCRIPTION: Multiple implementations of the Transport Layer Security TLS protocol, including SSL,...