19 matches found
EUVD-2013-6539
Malware in sbrugna...
EUVD-2024-43770
Malicious code in bioql PyPI...
CVE-2025-49600
In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsverify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS Leighton-Micali Signature forgery in a fault scenario. Specifically, unchecked return values in mbedtlslmsverify allow an attacker who can induce ...
CVE-2025-49600
In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsverify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS Leighton-Micali Signature forgery in a fault scenario. Specifically, unchecked return values in mbedtlslmsverify allow an attacker who can induce ...
CVE-2024-49422
Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...
CVE-2024-54031 netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsethash: unaligned atomic read on struct nftsetext Access to genmask field in struct nftsetext results in unaligned atomic read: 72.130109 Unable to handle kernel paging request at virtual address ffff0000c2bb708c...
CVE-2024-49422
Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...
CVE-2024-49422
Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...
CVE-2024-49422
Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...
CVE-2024-49422
Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...
CVE-2024-49422
CVE-2024-49422 describes a protection mechanism failure in the bootloader of Samsung mobile devices. Prior to SMR Oct-2024 Release 1, the bootloader protection can be bypassed by a hardware fault injection, allowing a physical attacker to reset the lockscreen failure count. The exploit requires u...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices, which stems from a failure in the bootloader protection mechanism, allowing a physical...
PT-2024-33533
Name of the Vulnerable Software and Affected Versions Bootloader versions prior to SMR Oct-2024 Release 1 Description A failure in the protection mechanism of the bootloader allows physical attackers to reset the lockscreen failure count by injecting a hardware fault. This issue requires user...
Intel Processors 安全漏洞
Intel Processors are American Intel Corporation's provide for interpreting computer instructions and processing data in computer software. A security vulnerability exists in Intel Processors that originates from a hardware logic error contained in the finite state machine FSM. The vulnerability...
AZL-49881 CVE-2024-44969 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data operation is interrupted, an attempt is made to halt this operation. If this attempt fails due to a hardware or firmware problem, ther...
CVE-2024-35875 x86/coco: Require seeding RNG with RDRAND on CoCo systems
In the Linux kernel, the following vulnerability has been resolved: x86/coco: Require seeding RNG with RDRAND on CoCo systems There are few uses of CoCo that don't rely on working cryptography and hence a working RNG. Unfortunately, the CoCo threat model means that the VM host cannot be trusted a...
CVE-2024-35875 x86/coco: Require seeding RNG with RDRAND on CoCo systems
In the Linux kernel, the following vulnerability has been resolved: x86/coco: Require seeding RNG with RDRAND on CoCo systems There are few uses of CoCo that don't rely on working cryptography and hence a working RNG. Unfortunately, the CoCo threat model means that the VM host cannot be trusted a...
IBM Storwize Authenticated Information Disclosure
The remote Storwize device is a model that is affected by an authenticated information disclosure vulnerability. In the event of a hardware fault, memory contents containing customer data may be written to a file that can be read by an authenticated user of the system who may not otherwise have...
Sun M-class hardware denial of service
Sun/Fujitsu M4000-M9000 machines are very expensive multicpu sparc64 architecture machines, scaling all the way up to 64 processors, 256 cores, and 512 threads. They use the Fujitsu SPARC64 VI and more recently VII processors. The smallest models are large 6U 84kg, and the larger models are fridg...