dotnet: malicious content causes high CPU and memory usage

A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of a malicious client that can send MyCookie=chunks-2147483647 without the actual cookie chunks, causing large allocations, exceptions, and excess CPU utilization on the server when it tries to read or delete that man...

dotnet: malicious content causes high CPU and memory usage

A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of a malicious client that can send MyCookie=chunks-2147483647 without the actual cookie chunks, causing large allocations, exceptions, and excess CPU utilization on the server when it tries to read or delete that man...

CVE-2021-26347

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

CVE-2021-26347

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

CVE-2021-26347

CVE-2021-26347 is referenced in several advisories as part of AMD/ kernel-firmware updates. The description states a failure to validate the integer operand in the AMD Secure Processor bootloader could allow an integer overflow in the L2 directory table in SPI flash, potentially causing a denial ...

Debian: Security Advisory (DSA-5133-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AMD Processors 安全漏洞

AMD Processors is a processor from AMD in the United States. AMD Processors has a security vulnerability that stems from trusting a dishonest Migration Agent MA...

Intel Boot Guard and Intel TXT Advisory - Lenovo Support US

No description provided...

AMD Speculative Load Disordering - Lenovo Support US

No description provided...

Intel Processor Speculative Cross Store Bypass Advisory - Lenovo Support US

No description provided...

CVE-2021-46771

Insufficient validation of addresses in AMD Secure Processor ASP firmware system call may potentially lead to arbitrary code execution by a compromised user application...

CVE-2021-46771

Insufficient validation of addresses in AMD Secure Processor ASP firmware system call may potentially lead to arbitrary code execution by a compromised user application...

CVE-2021-46771

CVE-2021-46771 : The AMD Secure Processor (ASP) firmware system call has insufficient validation of addresses, potentially allowing arbitrary code execution by a compromised user application. This is tied to the ASP/firmware boundary and could impact systems relying on ASP for secure processing. ...

CVE-2021-46771

Insufficient validation of addresses in AMD Secure Processor ASP firmware system call may potentially lead to arbitrary code execution by a compromised user application...

kernel: DoS in ccp_run_aes_gcm_cmd() function

A memory leak flaw was found in the Linux kernel's ccprunaesgcmcmd function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability...

hw: cpu: intel: Intra-Mode BTI

A flaw was found in hw. The Intra-mode BTI refers to a variant of Branch Target Injection aka SpectreV2 BTI where an indirect branch speculates to an aliased predictor entry for a different indirect branch in the same predictor mode, and a disclosure gadget at the predicted target transiently...

AMD Client Vulnerabilities – May 2022

Bulletin ID: AMD-SB-1027 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Secure Processor ASP, AMD System Management Un...

Microsoft Windows Print Spooler Components 权限许可和访问控制问题漏洞

An elevation of privilege vulnerability exists in Microsoft Windows Print Spooler Components, a print backend processor component of Microsoft Corporation USA. The vulnerability stems from an incorrect program call to a high-level native procedure. An attacker could exploit this vulnerability to...

Siemens SIMATIC 资源管理错误漏洞

The Siemens SIMATIC CP 44x-1 RNA is a controller for communication processors connected to Ethernet from Siemens, Germany. A denial of service vulnerability exists in the Siemens SIMATIC CP 44x-1 RNA, which can be exploited by an attacker to create a denial of service condition by executing an AR...

AMD Server Vulnerabilities - May 2022

Bulletin ID: AMD-SB-1028 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Secure Processor ASP, AMD System Management Un...