Buffer overflow

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code...

CVE-2017-5710

Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector...

CVE-2017-5707

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary code...

CVE-2017-5710

Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via unspecified vector...

CVE-2017-5707

CVE-2017-5707 corresponds to multiple kernel-level buffer overflows in Intel Trusted Execution Engine Firmware 3.0 that allow a local attacker to execute arbitrary code. The vulnerability is rooted in buffer overflow issues within the TXE kernel, with exploitation requiring local system access. T...

CVE-2017-5710

CVE-2017-5710 describes multiple privilege escalations in Intel Trusted Execution Engine (TXE) Firmware 3.0 kernels that allow an unauthorized process to access privileged content via an unspecified vector. The incident is tied to TXE alongside other Intel ME/SPS vulnerabilities (Intel-SA-00086 f...

Intel Firmware Vulnerability

Intel has released recommendations to address vulnerabilities in the firmware of the following Intel products: Management Engine, Server Platform Services, and Trusted Execution Engine. An attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourag...

The AWS metadata service SSRF vulnerability analysis-vulnerability warning-the black bar safety net

One, Foreword Recently I was busy with a small project, to study how the Docker container executing untrusted Python code. According to the project requirements, I need to test more online code execution engine, research them on the various attacks of the reaction. In the research process, I foun...

FireEye Operating System Multiple Vulnerabilities

The remote host is running a version of FireEye Operating System FEOS that is missing a vendor-supplied security patch. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the Virtual Execution Engine VXE during the handling of file names that were previously flagged for t...

Multiple FireEye Product Virtual Execution Engine Memory Corruption Vulnerabilities

FireEye is a well-known American cybersecurity company. Multiple memory corruption vulnerabilities exist in the implementation of several FireEye products. A remote attacker could exploit this vulnerability to execute arbitrary commands in the context of an affected application...