Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2020/11/12 12:53 p.m.33 views

CVE-2020-28368

A flaw was found in Xen where access to power/energy monitoring interfaces was not properly restricted to privileged software. This flaw allows an unprivileged guest administrator to create covert channels and infer the operations or data used by other contexts within the system, such as AES keys...

5.6CVSS3AI score0.00393EPSS
Exploits0References4
ubuntucve
ubuntucve
added 2020/11/10 7:15 p.m.27 views

CVE-2020-28368

Xen through 4.14.x allows guest OS administrators to obtain sensitive information such as AES keys from outside the guest via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for...

4.4CVSS6.8AI score0.00393EPSS
Exploits0References4
debiancve
debiancve
added 2020/11/10 6:17 p.m.38 views

CVE-2020-28368

Xen through 4.14.x allows guest OS administrators to obtain sensitive information such as AES keys from outside the guest via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for...

4.4CVSS5AI score0.00393EPSS
Exploits0
packetstorm
packetstorm
added 2016/09/07 12:0 a.m.66 views

Powerlogic / Schneider Electric IONXXXX CSRF / Missing Access Controls

Powerlogic/Schneider Electric IONXXXX series Smart Meters - Multiple security issues Impacted devices: ION7300 and potentially all IONXXXX models based off of Powerlogic For example, Power Measurement Ltd. Meter ION 7330V283 ETH ETH7330V274...

0.8AI score
Exploits0
Rows per page
Query Builder