Lucene search
K

50 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/12/07 10:31 p.m.97 views

Security Bulletin: IBM has released Unified Extensible Firmware Interface (UEFI) fixes in response to Spectre variants 4 and 3a (CVE-2018-3639 CVE-2018-3640)

Summary IBM has released the following Unified Extensible Firmware Interface UEFI fixes for System x, Flex and BladeCenter systems in response to the vulnerabilities referred to as Spectre variants 4 and 3a. Vulnerability Details CVEID: CVE-2018-3639 DESCRIPTION: Multiple Intel CPU''s could allow...

6.4CVSS0.2AI score0.60631EPSS
Exploits2Affected Software3
Tenable Nessus
Tenable Nessus
added 2023/11/02 12:0 a.m.27 views

F5 Networks BIG-IP : RSRE Variant 3a vulnerability (K51801290)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K51801290 advisory. Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may...

5.6CVSS6.5AI score0.07556EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/02/21 7:55 p.m.58 views

K51801290: RSRE Variant 3a vulnerability CVE-2018-3640

Security Advisory Description Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Rea...

5.6CVSS5.7AI score0.07556EPSS
Exploits0Affected Software18
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2018-0322)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS7.5AI score0.60631EPSS
Exploits2References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:45 a.m.45 views

Security Bulletin: This Power Hardware Management Console (HMC) Security Bulletin is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2018-3639 (Variant 4) and CVE-2018-3640 (Variant 3a).

Summary In response to recently reported security vulnerabilities, this Power HMC Security Bulletin is released to address Common Vulnerabilities and Exposures issue numbers CVE-2018-3639 and CVE-2018-3640. Vulnerability Details CVEID: CVE-2018-3639 CVEID: CVE-2018-3640 Workarounds and Mitigation...

5.6CVSS2.9AI score0.60631EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:45 a.m.60 views

Security Bulletin: This Power Hardware Management Console (HMC) update is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 (known as Spectre and Meltdown).

Summary In response to recently reported security vulnerabilities, this Power HMC update is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754. Vulnerability Details CVEID: CVE-2017-5715 CVEID: CVE-2017-5753 CVEID:...

5.6CVSS1.5AI score0.93838EPSS
Exploits14Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2018:2076-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS7AI score0.60631EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2018:2335-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS8.5AI score0.60631EPSS
Exploits2References7
Intel
Intel
added 2021/05/11 12:0 a.m.56 views

Q2 2018 Speculative Execution Side Channel Update

Summary: Security researchers identified two software analysis methods that, if used for malicious purposes, have the potential to improperly gather sensitive data from multiple types of computing devices with different vendors’ processors and operating systems. Intel is committed to product and...

5.6CVSS5.9AI score0.60631EPSS
Exploits2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2018:1935-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS7AI score0.60631EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2018:2331-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS7AI score0.60631EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2018:2331-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS7AI score0.60631EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.40 views

SUSE: Security Advisory (SUSE-SU-2018:1935-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS7AI score0.60631EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2019/12/18 12:0 a.m.2116 views

Windows Speculative Execution Configuration Check

Binary data microsoftwindowsspecexecution.nbin...

6.5CVSS6.8AI score0.93838EPSS
Exploits14References14
IBM Security Bulletins
IBM Security Bulletins
added 2019/05/30 11:55 p.m.37 views

Security Bulletin: IBM PureApplication Service is affected by vulnerabilities (CVE-2018-3639, CVE-2018-3640)

Summary IBM has released Version 2.2.5.3 for IBM PureApplication Service, which includes IBM OS Images for Red Hat Linux Systems, as well as AIX-based and Windows-based deployments, in response to CVE-2018-3639 and CVE-2018-3640. IBM PureApplication Service has addressed the following...

5.6CVSS0.7AI score0.60631EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/03/28 12:0 a.m.60 views

openSUSE Security Update : ucode-intel (openSUSE-2019-622) (Foreshadow) (Spectre)

ucode-intel was updated to the 20180807 release. For the listed CPU chipsets this fixes CVE-2018-3640 Spectre v3a and is part of the mitigations for CVE-2018-3639 Spectre v4 and CVE-2018-3646 L1 Terminal fault. bsc1104134 bsc1087082 bsc1087083 bsc1089343 Processor Identifier Version Products Mode...

5.6CVSS7AI score0.60631EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2019/03/20 12:0 a.m.323 views

Security Updates for Windows 10 / Windows Server 2019 (February 2019) (Spectre) (Meltdown) (Foreshadow)

The remote Windows host is missing a security update. It is, therefore, missing microcode updates to address the following vulnerabilities: - Spectre Variant 3a CVE-2018-3640: Rogue System Register Read RSRE. - Spectre Variant 4 CVE-2018-3639: Speculative Store Bypass SSB - L1TF CVE-2018-3620,...

5.6CVSS7.2AI score0.60631EPSS
Exploits2References10
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/24 12:55 p.m.43 views

Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to 3RD PARTY CPU hardware utilizing speculative execution cache timing side-channel analysis known as Variant 4 or SpectreNG (CVE-2018-3639, CVE-2018-3640)

Summary Speculative execution is a technique used by many modern processors to improve performance by predicting which instructions may be executed based on past execution history. An attacker with local user access may be able to utilize sequences of speculative execution to perform a cache timi...

5.6CVSS1.7AI score0.60631EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/24 12:55 p.m.33 views

Security Bulletin: IBM QRadar SIEM is vulnerable to 3RD PARTY CPU hardware utilizing speculative execution cache timing side-channel analysis known as Variant 4 or SpectreNG (CVE-2018-3639, CVE-2018-3640)

Summary Speculative execution is a technique used by many modern processors to improve performance by predicting which instructions may be executed based on past execution history. An attacker with local user access may be able to utilize sequences of speculative execution to perform a cache timi...

5.6CVSS1.1AI score0.60631EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/24 12:55 p.m.28 views

Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to 3RD PARTY CPU hardware utilizing speculative execution cache timing side-channel analysis known as Variant 4 or SpectreNG (CVE-2018-3639, CVE-2018-3640)

Summary Speculative execution is a technique used by many modern processors to improve performance by predicting which instructions may be executed based on past execution history. An attacker with local user access may be able to utilize sequences of speculative execution to perform a cache timi...

5.6CVSS1.1AI score0.60631EPSS
Exploits2Affected Software1
Rows per page
Query Builder