The vulnerability of Intel and ARM processors is caused by a memory access control error during speculative execution of processor instructions, allowing attackers to disclose protected information.

The vulnerabilities of Intel and ARM processors stem from errors in memory access control during speculative execution of processor instructions. Exploiting these vulnerabilities allows attackers to gain access to protected memory from a program that does not have the necessary privileges. This i...

[ASA-201711-15] lib32-openssl: multiple issues

Arch Linux Security Advisory ASA-201711-15 ========================================== Severity: Medium Date : 2017-11-08 CVE-ID : CVE-2017-3735 CVE-2017-3736 Package : lib32-openssl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-478 Summary ======= The package...

Design/Logic Flaw

There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...

JustSystems Ichitaro Heap Buffer Overflow Vulnerability

JustSystems Ichitaro is a suite of word processing software from the Japanese company JustSystems. A heap buffer overflow vulnerability in the Ichitaro word processor in JustSystems Ichitaro allows remote attackers to exploit the vulnerability to construct malicious files that can be parsed by th...

JustSystems Ichitaro Buffer Overflow Vulnerability

JustSystems Ichitaro is a suite of word processing software from the Japanese company JustSystems. A heap-based buffer overflow vulnerability exists in the Ichitaro word processor in JustSystems Ichitaro, which allows remote attackers to build malicious files that can be parsed by the user, causi...

DEBIAN-CVE-2016-3158

The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits. NOT...

PT-2013-6168 · Amd +2 · Amd Processors +2

Name of the Vulnerable Software and Affected Versions: AMD processors versions 16h 00h through 0Fh Description: The issue arises from the microcode's improper handling of the interaction between locked instructions and write-combined memory types. This allows local users to cause a denial of...

CVE-2012-0217

The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microso...

Fedora Core 1 : gdk-pixbuf-0.22.0-11.2.2 (2004-286)

During testing of a previously fixed flaw in Qt CVE-2004-0691, a flaw was discovered in the BMP image processor of gdk-pixbuf. An attacker could create a carefully crafted BMP file which would cause an application to enter an infinite loop and not respond to user input when the file was opened by...