CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

382 matches found

Tenable Nessus•added 2021/08/28 12:0 a.m.•46 views

openSUSE 15 Security Update : spectre-meltdown-checker (openSUSE-SU-2021:2861-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:2861-1 advisory. - Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker...

5.6CVSS7.4AI score0.93838EPSS

Exploits9References4

RedhatCVE•added 2021/07/25 10:27 a.m.•109 views

CVE-2018-3639

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the...

5.6CVSS2.7AI score0.93838EPSS

Exploits11References2

RedhatCVE•added 2021/07/20 6:54 p.m.•69 views

CVE-2017-5715

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant...

5.6CVSS2.7AI score0.93838EPSS

Exploits12References2

Intel•added 2021/05/11 12:0 a.m.•56 views

Q3 2018 Speculative Execution Side Channel Update

Summary: Security researchers have identified a speculative execution side-channel method called L1 Terminal Fault L1TF. This method impacts select microprocessor products supporting Intel® Software Guard Extensions Intel® SGX. Further investigation by Intel has identified two related application...

7.3CVSS6.7AI score0.08101EPSS

Exploits0

ThreatPost•added 2021/03/16 2:1 p.m.•297 views

Google Releases Spectre PoC Exploit For Chrome

Google has released proof-of-concept PoC exploit code, which leverages the Spectre attack against the Chrome browser to leak data from websites. Three years after the Spectre attack was first disclosed, researchers with Google have now released a demonstration website that leverages the attack,...

4.7CVSS6.8AI score0.93838EPSS

Exploits12References9

BDU FSTEC•added 2020/12/07 12:0 a.m.•4 views

The vulnerability of the components term.arh and core.arh of the EKRA 200 microprocessor series allows a hacker to access confidential information and create new configuration files.

The vulnerability of the term.arh and core.arh components of the EKRA microprogramming system lies in the presence of pre-installed registration data. Exploiting this vulnerability can allow attackers to access confidential information and create new configuration files...

5.6CVSS5.5AI score

Exploits0References1Affected Software1

BDU FSTEC•added 2020/12/07 12:0 a.m.•15 views

The vulnerability of the core.arh component of the EKRA 200 microprocessor series allows a hacker to cause a system failure.

The vulnerability of the core.arh component of the microprogramming software for PLC ERCA is related to insufficient processing of input data during updates. Exploiting this vulnerability can allow a malicious actor to cause service failures using a specially crafted HEX/LDR file...

6.8CVSS5.5AI score

Exploits0References1Affected Software1

BDU FSTEC•added 2020/11/18 12:0 a.m.•2 views

The vulnerability of Intel microprocessor microprogramming software arises from insufficient testing of input data, allowing attackers to exploit this weakness to gain increased privileges.

The vulnerability of Intel processor microprogramming software exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.7CVSS7.2AI score0.00419EPSS

Exploits0References3

RedhatCVE•added 2020/04/05 10:54 a.m.•44 views

CVE-2018-3693

An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an...

5.9CVSS3.1AI score0.08416EPSS

Exploits0References2

Wired Threat Level•added 2020/01/27 6:0 p.m.•28 views

Intel Is Patching the Patch for the Patch for Its ‘Zombieload’ Flaw

Intel's made two attempts to fix the microprocessor vulnerability it was warned about 18 months ago. Third time’s the charm?...

2.1AI score

Exploits0

OpenVAS•added 2020/01/23 12:0 a.m.•39 views

Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2018-1265)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8CVSS7.7AI score0.60631EPSS

Exploits2References2

OpenVAS•added 2020/01/23 12:0 a.m.•28 views

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2018-1017)

5.6CVSS7.2AI score0.74041EPSS

Exploits8References2

OpenVAS•added 2020/01/23 12:0 a.m.•271 views

Huawei EulerOS: Security Advisory for java-1.7.0-openjdk (EulerOS-SA-2018-1192)

5.5CVSS7.4AI score0.60631EPSS

Exploits2References2

OpenVAS•added 2020/01/23 12:0 a.m.•19 views

Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2018-1195)