Lucene search
+L

295 matches found

schneier
schneier
added 2018/05/22 2:38 p.m.47 views

Another Spectre-Like CPU Vulnerability

Google and Microsoft researchers have disclosed another Spectre-like CPU side-channel vulnerability, called "Speculative Store Bypass." Like the others, the fix will slow the CPU down. The German tech site Heise reports that more are coming. I'm not surprised. Writing about Spectre and Meltdown i...

1.7AI score
Exploits0
cnvd
cnvd
added 2018/05/16 12:0 a.m.6 views

Siemens SIMATIC S7-400 Denial of Service Vulnerability

Products in the Siemens SIMATIC S7-400 CPU family have been designed for process control in industrial environments. A denial of service vulnerability exists in the Siemens SIMATIC S7-400. Because an affected CPU fails to properly authenticate S7 communication packets, an attacker could exploit t...

7.5CVSS6.8AI score0.02544EPSS
Exploits0References1
nessus
nessus
added 2018/03/05 12:0 a.m.81 views

OracleVM 3.4 : xen (OVMSA-2018-0020) (Meltdown) (Spectre)

The remote OracleVM system is missing necessary patches to address critical security updates : - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=9ccc143584e12027a8db854d19ce8a120d22cfac - BUILDINFO: QEMU upstream...

8.8CVSS7.5AI score0.93838EPSS
Exploits13References6
mssecure
mssecure
added 2018/02/12 5:0 p.m.26 views

Cyber resilience for the modern enterprise

Many organizations are undergoing a digital transformation that leverages a mix of cloud and on-premises assets to increase business efficiency and growth. While increased dependence on technology is necessary for this transformation, and to position the business for success, it does pose risks...

7.4AI score
Exploits0
mmpc
mmpc
added 2018/02/12 5:0 p.m.22 views

Cyber resilience for the modern enterprise

Many organizations are undergoing a digital transformation that leverages a mix of cloud and on-premises assets to increase business efficiency and growth. While increased dependence on technology is necessary for this transformation, and to position the business for success, it does pose risks...

7.4AI score
Exploits0
threatpost
threatpost
added 2018/01/25 1:51 p.m.46 views

Firefox, Chrome Patch Vulnerabilities, Add Security Features

Both Mozilla and Google have updated their browsers this week and have added important security fixes along with bolstering user privacy and safety. Google tackled 53 security fixes on Wednesday with the debut of Chrome 64 version 64.0.3282.119 for Windows, Mac and Linux. Only three of the...

7.5CVSS9.1AI score0.03393EPSS
Exploits0References17
openvas
openvas
added 2018/01/18 12:0 a.m.167 views

CentOS Update for microcode_ctl CESA-2018:0093 centos7

Check the version of microcodectl SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882828";...

5.6CVSS7.2AI score0.74041EPSS
Exploits9References2
nessus
nessus
added 2018/01/18 12:0 a.m.63 views

Oracle Linux 6 / 7 : microcode_ctl (ELSA-2018-0093) (Spectre)

From Red Hat Security Advisory 2018:0093 : An update for microcodectl is now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterpri...

5.6CVSS7.2AI score0.74041EPSS
Exploits9References3
nessus
nessus
added 2018/01/17 12:0 a.m.110 views

RHEL 6 / 7 : microcode_ctl (RHSA-2018:0093) (Spectre)

An update for microcodectl is now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red H...

5.6CVSS7.2AI score0.74041EPSS
Exploits9References4
redhat
redhat
added 2018/01/16 8:1 p.m.150 views

(RHSA-2018:0093) Important: microcode_ctl security update

The microcodectl packages provide microcode updates for Intel and AMD processors. This update supersedes microcode provided by Red Hat with the CVE-2017-5715 “Spectre” CPU branch injection vulnerability mitigation. Historically, Red Hat has provided updated microcode, developed by our...

5.6CVSS6.8AI score0.74041EPSS
Exploits9
veracode
veracode
added 2017/05/22 1:29 a.m.19 views

Arbitrary Command Execution

windows-cpu is vulnerable to arbitrary command execution. This is because the findLoad method doesn't sanitize or perform any validation before passing user-input to the shell...

9.8CVSS9.4AI score0.04236EPSS
Exploits1References3Affected Software1
openvas
openvas
added 2017/01/04 12:0 a.m.27 views

openSUSE: Security Advisory for xen (openSUSE-SU-2017:0008-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS7AI score0.00509EPSS
Exploits0References1
nessus
nessus
added 2014/10/29 12:0 a.m.251 views

Fedora 20 : kernel-3.16.6-203.fc20 (2014-13773)

More KVM CVE fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

7.8CVSS6.3AI score0.00595EPSS
Exploits2References9
cvelist
cvelist
added 2012/12/03 9:0 p.m.26 views

CVE-2012-2934

Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service host hang via sequential execution of instructions across a non-canonical boundary, a different...

4.1AI score0.00459EPSS
Exploits0References9
thn
thn
added 2012/06/20 5:56 p.m.11 views

Intel CPU Vulnerability can provide control of your system to attacker

Intel CPU Vulnerability can provide control of your system to attacker The U.S. Computer Emergency Readiness Team US-CERT has disclosed a flaw in Intel chips that could allow hackers to gain control of Windows and other operating systems. The flaw has already been exploited on 64-bit versions of...

7.3AI score
Exploits0
Rows per page
Query Builder