Lucene search
+L

98 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/29 12:0 a.m.32 views

Xen: x86: BTC/SRSO Fixes Not Fully Effective (XSA-446)

The fixes for XSA-422 Branch Type Confusion and XSA-434 Speculative Return Stack Overflow are not IRQ-safe as it was believed that the mitigations were always operated in contexts with IRQs disabled. However due to an unanticipated interaction with XSA-254 Meltdown, a race condition exists whereb...

4.7CVSS5.1AI score0.0025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/29 12:0 a.m.27 views

Fedora 38 : xen (2023-56901a79a1)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-56901a79a1 advisory. x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445, CVE-2023-46835 x86: BTC/SRSO fixes not fully effective XSA-446, CVE-2023-46836...

5.5CVSS6.1AI score0.00284EPSS
Exploits0References3
OSV
OSV
added 2023/11/20 1:23 p.m.7 views

SUSE-SU-2023:4486-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445 bsc1216654. - CVE-2023-46836: x86: BTC/SRSO fixes not fully effective XSA-446 bsc1216807...

5.5CVSS5.2AI score0.00284EPSS
Exploits0References5
OSV
OSV
added 2023/11/20 1:23 p.m.9 views

SUSE-SU-2023:4485-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445 bsc1216654. - CVE-2023-46836: x86: BTC/SRSO fixes not fully effective XSA-446 bsc1216807...

5.5CVSS5.2AI score0.00284EPSS
Exploits0References5
OSV
OSV
added 2023/11/20 1:22 p.m.9 views

SUSE-SU-2023:4484-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445 bsc1216654. - CVE-2023-46836: x86: BTC/SRSO fixes not fully effective XSA-446 bsc1216807...

5.5CVSS5.2AI score0.00284EPSS
Exploits0References5
OSV
OSV
added 2023/11/17 7:5 a.m.8 views

SUSE-SU-2023:4476-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20588: AMD CPU transitional execution leak via division by zero XSA-439 bsc1215474. - CVE-2023-34322: top-level shadow reference dropped too early for 64-bit PV guests XSA-438 bsc1215145. - CVE-2023-34325: Multiple vulnerabilities in...

7.8CVSS6.7AI score0.12405EPSS
Exploits0References17
OSV
OSV
added 2023/11/16 4:57 p.m.10 views

SUSE-SU-2023:4466-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels XSA-445 bsc1216654. - CVE-2023-46836: x86: BTC/SRSO fixes not fully effective XSA-446 bsc1216807...

5.5CVSS5.2AI score0.00284EPSS
Exploits0References5
Xen Project
Xen Project
added 2023/11/14 12:0 p.m.46 views

x86: BTC/SRSO fixes not fully effective

ISSUE DESCRIPTION The fixes for XSA-422 Branch Type Confusion and XSA-434 Speculative Return Stack Overflow are not IRQ-safe. It was believed that the mitigations always operated in contexts with IRQs disabled. However, the original XSA-254 fix for Meltdown XPTI deliberately left interrupts enabl...

4.7CVSS7AI score0.0025EPSS
Exploits0Affected Software1
OSV
OSV
added 2023/07/11 12:0 a.m.13 views

MAL-2023-1550 Malicious code in btc-api-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx f59f6e40fe31bd4d5d4aa5da8bc0d032e2bbff9166104dc707c2987f953a5d93 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

7.2AI score
Exploits0References4
HackRead
HackRead
added 2023/06/13 10:0 p.m.17 views

2 Russians charged in Mt. Gox Bitcoin heist and BTC-e money laundering

By Habiba Rashid Accused individuals allegedly conspired to launder around 647,000 stolen Bitcoins from Mt. Gox, leading to its collapse. This is a post from HackRead.com Read the original post: 2 Russians charged in Mt. Gox Bitcoin heist and BTC-e money laundering...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/13 10:39 a.m.25 views

Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack

The U.S. Department of Justice DoJ has charged two Russian nationals in connection with masterminding the 2014 digital heist of the now-defunct cryptocurrency exchange Mt. Gox. According to unsealed indictments released last week, Alexey Bilyuchenko, 43, and Aleksandr Verner, 29, have been accuse...

6.8AI score
Exploits0
Securelist
Securelist
added 2023/06/05 10:0 a.m.30 views

Satacom delivers browser extension that steals cryptocurrency

Satacom downloader, also known as LegionLoader, is a renowned malware family that emerged in 2019. It is known to use the technique of querying DNS servers to obtain the base64-encoded URL in order to receive the next stage of another malware family currently distributed by Satacom. The Satacom...

7.4AI score
Exploits0
vulnersOsv
vulnersOsv
added 2023/05/16 6:30 p.m.6 views

com.btc.ep:btc-embeddedplatform (>=2.5.8 <=2.5.9), org.jenkins-ci.plugins:qmetry-for-jira-test-management (>=1.11 <=1.26) potentially affected by CVE-2023-32981 via org.jenkins-ci.plugins:pipeline-utility-steps (=1.1.1)

org.jenkins-ci.plugins:pipeline-utility-steps MAVEN version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:pipeline-utility-steps and may be impacted: - com.btc.ep:btc-embeddedplatform =2.5.8, =1.11, =1.26 Source cves:...

8.8CVSS7.2AI score0.01016EPSS
Exploits0
Code423n4
Code423n4
added 2023/01/26 12:0 a.m.13 views

Upgraded Q -> M from #598 [1674741102558]

Judge has assessed an item in Issue 598 as M risk. The relevant finding follows: 2.minDepositAmount When the asset is btc, the minDepositAmount is too large when asset == btc , minDepositAmount = 0.1 btc , equal 2000 usd suggest: function minDepositAmount public view virtual overrideERC4626Cloned...

6.9AI score
Exploits0
HackRead
HackRead
added 2022/12/05 4:20 p.m.18 views

Data of Israeli Employees from 29 Logistics Firms Sold Online

By Waqas The 50GB worth of data is currently being sold on two clear web forums with a price tag of 1 BTC per database. This is a post from HackRead.com Read the original post: Data of Israeli Employees from 29 Logistics Firms Sold Online...

1AI score
Exploits0
vulnersOsv
vulnersOsv
added 2022/11/16 12:0 p.m.6 views

com.btc.ep:btc-embeddedplatform (>=2.5.8 <=2.5.9), org.jenkins-ci.plugins:qmetry-for-jira-test-management (>=1.11 <=1.26) potentially affected by CVE-2022-45381 via org.jenkins-ci.plugins:pipeline-utility-steps (=1.1.1)

org.jenkins-ci.plugins:pipeline-utility-steps MAVEN version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:pipeline-utility-steps and may be impacted: - com.btc.ep:btc-embeddedplatform =2.5.8, =1.11, =1.26 Source cves:...

8.1CVSS7.2AI score0.01328EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/10/19 7:0 p.m.5 views

com.bmc.ims:bmc-cfa (=198.vfe106798d1a6), com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9) +158 more potentially affected by CVE-2022-43409 via org.jenkins-ci.plugins.workflow:workflow-support (>=0.1-beta-1 <=819.v37d707a_71d9b_)

org.jenkins-ci.plugins.workflow:workflow-support MAVEN version =0.1-beta-1, =1.9.2-beta, =0.0.1, =8.0.12, =0.8, =1.0.14, =1.0, =1.3.0, =320.v5a0933ae7d61, =1.0, =1.0, =0.9.0, =1.0, =1.20 and more Source cves: CVE-2022-43409 Source advisory: OSV:GHSA-64R9-X74Q-WXMH...

5.4CVSS6AI score0.00655EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/10/19 7:0 p.m.7 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.openshift.jenkins:openshift-pipeline (>=1.0.14 <=1.0.57) +39 more potentially affected by CVE-2022-43401 via org.jenkins-ci.plugins.workflow:workflow-cps (>=0.1-beta-1 <=2660.vb_c0412dc4e6d)

org.jenkins-ci.plugins.workflow:workflow-cps MAVEN version =0.1-beta-1, =1.9.2-beta, =1.0.14, =1.3.0, =0.9.0, =1.22, =1.0, =1.0, =1.0, =0.1-beta-1, =0.1-beta-5, =1.9-beta-1, =2.3 and more Source cves: CVE-2022-43401 Source advisory: OSV:GHSA-7VR5-72W7-Q6JC...

9.9CVSS7.7AI score0.01211EPSS
Exploits0
HackRead
HackRead
added 2022/09/12 6:45 p.m.28 views

Popular YouTuber Scuba Jake’s channel hacked to run crypto scam

By Waqas Scuba Jake, whose real name is Jake Koehler, had his YouTube channel "DALLMYD" with 13 million subscribers hacked to steal 1.01 BTC. This is a post from HackRead.com Read the original post: Popular YouTuber Scuba Jakes channel hacked to run crypto scam...

1.7AI score
Exploits0
GithubExploit
GithubExploit
added 2022/06/26 1:7 p.m.516 views

Exploit for Code Injection in Wptaskforce Wpcargo_Track_\&_Trace

CVE-2021-25003 !made-with-pythonhttps://img.shields.io/bad...

9.8CVSS9.5AI score0.56148EPSS
Exploits3
Rows per page
Query Builder