295 matches found
Another Spectre-Like CPU Vulnerability
Google and Microsoft researchers have disclosed another Spectre-like CPU side-channel vulnerability, called "Speculative Store Bypass." Like the others, the fix will slow the CPU down. The German tech site Heise reports that more are coming. I'm not surprised. Writing about Spectre and Meltdown i...
Siemens SIMATIC S7-400 Denial of Service Vulnerability
Products in the Siemens SIMATIC S7-400 CPU family have been designed for process control in industrial environments. A denial of service vulnerability exists in the Siemens SIMATIC S7-400. Because an affected CPU fails to properly authenticate S7 communication packets, an attacker could exploit t...
OracleVM 3.4 : xen (OVMSA-2018-0020) (Meltdown) (Spectre)
The remote OracleVM system is missing necessary patches to address critical security updates : - BUILDINFO: OVMF commit=173bf5c847e3ca8b42c11796ce048d8e2e916ff8 - BUILDINFO: xen commit=9ccc143584e12027a8db854d19ce8a120d22cfac - BUILDINFO: QEMU upstream...
Cyber resilience for the modern enterprise
Many organizations are undergoing a digital transformation that leverages a mix of cloud and on-premises assets to increase business efficiency and growth. While increased dependence on technology is necessary for this transformation, and to position the business for success, it does pose risks...
Cyber resilience for the modern enterprise
Many organizations are undergoing a digital transformation that leverages a mix of cloud and on-premises assets to increase business efficiency and growth. While increased dependence on technology is necessary for this transformation, and to position the business for success, it does pose risks...
Firefox, Chrome Patch Vulnerabilities, Add Security Features
Both Mozilla and Google have updated their browsers this week and have added important security fixes along with bolstering user privacy and safety. Google tackled 53 security fixes on Wednesday with the debut of Chrome 64 version 64.0.3282.119 for Windows, Mac and Linux. Only three of the...
CentOS Update for microcode_ctl CESA-2018:0093 centos7
Check the version of microcodectl SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882828";...
Oracle Linux 6 / 7 : microcode_ctl (ELSA-2018-0093) (Spectre)
From Red Hat Security Advisory 2018:0093 : An update for microcodectl is now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterpri...
RHEL 6 / 7 : microcode_ctl (RHSA-2018:0093) (Spectre)
An update for microcodectl is now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red H...
(RHSA-2018:0093) Important: microcode_ctl security update
The microcodectl packages provide microcode updates for Intel and AMD processors. This update supersedes microcode provided by Red Hat with the CVE-2017-5715 “Spectre” CPU branch injection vulnerability mitigation. Historically, Red Hat has provided updated microcode, developed by our...
Arbitrary Command Execution
windows-cpu is vulnerable to arbitrary command execution. This is because the findLoad method doesn't sanitize or perform any validation before passing user-input to the shell...
openSUSE: Security Advisory for xen (openSUSE-SU-2017:0008-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 20 : kernel-3.16.6-203.fc20 (2014-13773)
More KVM CVE fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
CVE-2012-2934
Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service host hang via sequential execution of instructions across a non-canonical boundary, a different...
Intel CPU Vulnerability can provide control of your system to attacker
Intel CPU Vulnerability can provide control of your system to attacker The U.S. Computer Emergency Readiness Team US-CERT has disclosed a flaw in Intel chips that could allow hackers to gain control of Windows and other operating systems. The flaw has already been exploited on 64-bit versions of...