Lucene search
K

154 matches found

Hacker One
Hacker One
added 2020/12/01 4:19 p.m.32 views

PlayStation: SMAP bypass

SMAP is a security feature on x86 CPUs, that forbids ring0 from reading/writing to ring3 pages, making it harder to exploit entire classes of vulnerabilities. There is a vulnerability in FreeBSD 12 that allows SMAP to be bypassed by userland. There is a very high probability that it affects the P...

5CVSS0.5AI score0.01249EPSS
Exploits1
CNVD
CNVD
added 2020/11/13 12:0 a.m.2 views

Palo Alto Networks Panorama Information Disclosure Vulnerability

Palo Alto Networks Panorama is a solution from Palo Alto Networks, USA that supports centralized management and configuration of firewalls. The product supports features such as network traffic monitoring and threat management. An information disclosure vulnerability exists in Palo Alto Networks...

7.5CVSS6.5AI score0.0121EPSS
Exploits0References1
OSV
OSV
added 2020/11/12 12:15 a.m.5 views

CVE-2020-2022

An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability allows an attacke...

7.5CVSS7.1AI score0.0121EPSS
Exploits0References1
Prion
Prion
added 2020/11/12 12:15 a.m.14 views

Information disclosure

An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability allows an attacke...

5.1CVSS7.3AI score0.0121EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2020/11/11 5:0 p.m.39 views

PAN-OS: Panorama session disclosure during context switch into managed device

An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability allows an attacke...

7.5CVSS2AI score0.0121EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/11/11 12:0 a.m.2 views

PT-2020-15246 · Palo Alto Networks · Palo Alto Networks Panorama

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Panorama versions PAN-OS 8.1 through PAN-OS 8.1.16 Palo Alto Networks Panorama versions PAN-OS 9.0 through PAN-OS 9.0.10 Palo Alto Networks Panorama versions PAN-OS 9.1 through PAN-OS 9.1.4 Description: An information...

7.5CVSS7.4AI score0.0121EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.5 views

A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per task/process conditional STIPB switching was added on top of the existing SSBD switching. The highest threat from this vulnerability is to confidentiality.

...

5.5CVSS7AI score0.00463EPSS
Exploits0
OSV
OSV
added 2020/09/15 11:15 p.m.1 views

DEBIAN-CVE-2020-10766

A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced...

5.5CVSS6.6AI score0.00463EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2020/09/15 10:10 p.m.48 views

CVE-2020-10766

A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced...

5.5CVSS6.6AI score0.00463EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/08/04 7:39 a.m.6 views

kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection.

A logic bug flaw was found in the Linux kernel’s implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per...

5.5CVSS7.2AI score0.00463EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/07/29 7:40 p.m.5 views

kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection.

A logic bug flaw was found in the Linux kernel’s implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per...

5.5CVSS7.2AI score0.00463EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/07/21 4:26 p.m.9 views

kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection.

A logic bug flaw was found in the Linux kernel’s implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per...

5.5CVSS7.2AI score0.00463EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/07/21 11:24 a.m.5 views

kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection.

A logic bug flaw was found in the Linux kernel’s implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per...

5.5CVSS7.2AI score0.00463EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/07/21 11:9 a.m.5 views

kernel: Rogue cross-process SSBD shutdown. Linux scheduler logical bug allows an attacker to turn off the SSBD protection.

A logic bug flaw was found in the Linux kernel’s implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per...

5.5CVSS7.2AI score0.00463EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/06/10 10:24 a.m.45 views

CVE-2020-10766

A logic bug flaw was found in the Linux kernel’s implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per...

2.1CVSS6AI score0.00463EPSS
Exploits0References4
OSV
OSV
added 2020/06/10 12:0 a.m.1 views

UBUNTU-CVE-2020-10766

A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced...

5.5CVSS6.8AI score0.00463EPSS
Exploits0References9
Palo Alto Networks
Palo Alto Networks
added 2020/05/13 4:0 p.m.74 views

PAN-OS: Panorama context switch session cookie disclosure

A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama versio...

8.8CVSS1.7AI score0.00639EPSS
Exploits0References1
Veracode
Veracode
added 2020/04/10 12:27 a.m.27 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in the Linux kernel when running on AMD64 systems. During a context switch, EFLAGS were being neither saved nor restored...

4.9CVSS2.4AI score0.00396EPSS
Exploits0References20Affected Software1
OSV
OSV
added 2020/03/25 3:12 a.m.7 views

USN-4302-1 linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux-azure vulnerabilities

Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested level 2 guest access the resources of a parent level 1 guest in certain situations. An attacker could use this to expose sensitive information. CVE-2020-2732 Gregory Herrero discovere...

6.8CVSS6.7AI score0.02745EPSS
Exploits2References10
OSV
OSV
added 2020/02/18 7:35 p.m.9 views

USN-4285-1 linux-aws-5.0, linux-azure, linux-gcp, linux-gke-5.0, linux-oracle-5.0 vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that the HSA Linux kernel driver for AMD GPU devices did not...

7.8CVSS6.9AI score0.10114EPSS
Exploits3References13
Rows per page
Query Builder