CVE-2017-5754

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache...

Scientific Linux Security Update : libvirt on SL6.x i386/x86_64 (20180104) (Spectre)

Security Fixes : - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ in the way the speculative execution can be...

VMSA-2018-0002 : VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution. (Spectre)

Bounds Check bypass and Branch Target Injection issues CPU data cache timing can be abused to efficiently leak information out of mis-speculated CPU execution, leading to at worst arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. Speculative...

Security Bulletin: NVIDIA SHIELD TV Security Updates for CPU Speculative Side Channel Vulnerabilities

NVIDIA SHIELD TV Response to CPU Speculative Side Channel Vulnerabilities - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 Bulletin Summary NVIDIA is providing an initial security update to mitigate aspects of Google Project Zero's January 3, 2018, publication of novel information disclosure attacks...

Reading privileged memory with a side-channel (Meltdown & Spectre)

We have discovered that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to at worst arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. Variants of this issue are known to affect many mode...

CVE-2017-5754

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache...

VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.

Bounds-Check bypass and Branch Target Injection issues CPU data cache timing can be abused to efficiently leak information out of mis-speculated CPU execution, leading to at worst arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. Speculative...

Reading privileged memory with a side-channel

Posted by Jann Horn, Project Zero We have discovered that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to at worst arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. Variants of this...

VMSA-2018-0002:VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.

VMSA-2018-0002.3 VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0002.3 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware ESXi,...

Apple Mac OS X Security Updates (HT208331, HT208394)-01

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

IBM WebSphere Application Server Proxy Server or On-demand-router ODR 7.0, 8.0, 8.5, 9.0 and could allow a local attacker to obtain sensitive information, caused by stale data being cached and then served. IBM X-Force ID: 127152...

IBM License Metric Tool and BigFix Inventory Information Disclosure Vulnerability (CNVD-2017-00066)

The IBM License Metric Tool and BigFix Inventory are both products of IBM Corporation of America. The former is a set of free tools that help IBM Passport Advantage Software Upgrade and Support Services customers determine their Processor Value Unit PVU licensing needs, and the latter is a soluti...

CVE-2013-5897

Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0, 6.1, and 6.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Manage Data Cache...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0, 6.1, and 6.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Manage Data Cache...

CVE-2013-5897

Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in Oracle Supply Chain Products Suite 6.0, 6.1, and 6.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Manage Data Cache...

D-Link DIR-605L Captcha Handling Buffer Overflow

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 /Boa/ include Msf::Exploit::Remote::HttpClient def initializeinfo = superupdateinfoinfo, 'Name' = 'D-Link DIR-605L Captcha Handling...

bind: failure to clear existing RRSIG records when a NO DATA is negatively cached could DoS named

named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service daemon crash via a query for...

WordPress: Arbitrary command execution

Background WordPress is a PHP and MySQL based content management and publishing system. Description rgod discovered that WordPress insufficiently checks the format of cached username data. Impact An attacker could exploit this vulnerability to execute arbitrary commands by sending a specially...

RealPlayer Arbitrary File Deletion Vulnerability (#NISR19012005f)

NGSSoftware Insight Security Research Advisory Name: RealPlayer Arbitrary File Deletion Vulnerability Systems Affected: RealPlayer 10.5 6.0.12.1040 and older Severity: High Vendor URL: http://www.real.com/ Author: John Heasman [email protected] Date of Public Advisory: 19th January 2004 Adviso...