6349 matches found
USN-4385-2: Intel Microcode regression | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Description USN-4385-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Skylake family 064EH from booting successfully...
UBUNTU-CVE-2017-9104
An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered...
CVE-2020-13844
A new speculative side-channel vulnerability was found that affects the ARM processor's code, 'Straight-line speculation.' This flaw allows a local attacker to infer cache contents through measuring timing access. The highest threat from this vulnerability is to confidentiality. Mitigation...
CVE-2020-3364
A vulnerability in the access control list ACL functionality of the standby route processor management interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the standby route processor management Gigabit Ethernet Management...
CVE-2020-3364
A vulnerability in the access control list ACL functionality of the standby route processor management interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the standby route processor management Gigabit Ethernet Management...
Design/Logic Flaw
A vulnerability in the access control list ACL functionality of the standby route processor management interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the standby route processor management Gigabit Ethernet Management...
CVE-2020-3364 Cisco IOS XR Software Standby Route Processor Gigabit Ethernet Management Interface Access Control List Bypass Vulnerability
A vulnerability in the access control list ACL functionality of the standby route processor management interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the standby route processor management Gigabit Ethernet Management...
CVE-2020-3364 Cisco IOS XR Software Standby Route Processor Gigabit Ethernet Management Interface Access Control List Bypass Vulnerability
A vulnerability in the access control list ACL functionality of the standby route processor management interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the standby route processor management Gigabit Ethernet Management...
Cisco IOS XR Access Control Error Vulnerability (CNVD-2020-34297)
Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. An access control error vulnerability exists in the ACL function of the alternate route processor management interface in Cisco IOS XR Software. A remote attacker could exploit this...
Cisco IOS XR Software Standby Route Processor Gigabit Ethernet Management Interface Access Control List Bypass Vulnerability
A vulnerability in the access control list ACL functionality of the standby route processor management interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the standby route processor management Gigabit Ethernet Management...
Intel Adds Anti-Malware Protection in Tiger Lake CPUs
Intel’s upcoming class of mobile CPUs, code named “Tiger Lake,” will feature a long anticipated security layer, called Control-flow Enforcement Technology CET, which aims to protect against common malware attacks. CET protects against attacks on processors’ control flow, which refers to the order...
CVE-2020-0586
Improper initialization in subsystem for IntelR SPS versions before SPSE304.01.04.109.0 and SPSE304.08.04.070.0 may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access...
CVE-2020-0529
Improper initialization in BIOS firmware for 8th, 9th and 10th Generation IntelR CoreTM Processor families may allow an unauthenticated user to potentially enable escalation of privilege via local access...
CVE-2020-0528
Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation IntelR CoreTM Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access...
Input validation
Improper initialization in BIOS firmware for 8th, 9th and 10th Generation IntelR CoreTM Processor families may allow an unauthenticated user to potentially enable escalation of privilege via local access...
Buffer overflow
Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation IntelR CoreTM Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access...
CVE-2020-0529
Improper initialization in BIOS firmware for 8th, 9th and 10th Generation IntelR CoreTM Processor families may allow an unauthenticated user to potentially enable escalation of privilege via local access...
PT-2020-8502 · Adns +2 · Adns +2
Name of the Vulnerable Software and Affected Versions: adns versions prior to 1.5.2 Description: An issue was discovered in adns where it hangs and consumes CPU resources if a compression pointer loop is encountered. Recommendations: For versions prior to 1.5.2, update to version 1.5.2 or later t...
kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c
A flaw was found in the allocatetracebuffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer buf-buffer still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a...
nghttp2: overly large SETTINGS frames can lead to DoS
A resource consumption vulnerability was found in nghttp2. This flaw allows an attacker to repeatedly construct an overly large HTTP/2 SETTINGS frame with a length of 14,400 bytes that causes excessive CPU usage, leading to a denial of service...