6346 matches found
CVE-2011-10025
creationtimestamp | type | source
---|---|---
2018-05-29 15:50:33+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/subtitleprocessorm3ubof.rb
2025-10-23 21:12:56+00:00 | seen | MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...
Researchers Defeat AMD's SEV Virtual Machine Encryption
German security researchers claim to have found a new practical attack against virtual machines (VMs) protected using AMD's Secure Encrypted Virtualization (SEV) technology that could allow attackers to recover plaintext memory data from guest VMs. AMD's Secure Encrypted Virtualization (SEV) technology...
ClipperCMS Cross-Site Scripting Vulnerability
ClipperCMS is a content management system (CMS). A cross-site scripting vulnerability exists in the 'Site Name' field of the 'site' tag under configuration in ClipperCMS version 1.3.3. A remote attacker can exploit this vulnerability by sending a specially crafted site name to the...
CVE-2018-1309
Apache NiFi External XML Entity issue in SplitXML processor. Malicious XML content could cause information disclosure or remote code execution. The fix to disable external general entity parsing and disallow doctype declarations was applied on the Apache NiFi 1.6.0 release. Users running a prior...
CVE-2018-1309
Apache NiFi SplitXML processor is affected by an XML External Entity (XXE) vulnerability. Malicious XML content can lead to information disclosure or remote code execution. The issue arises from handling external entities and DOCTYPE processing; mitigation implemented in NiFi 1.6.0 disables exter...
CVE-2018-3640
creationtimestamp | type | source
---|---|---
2018-05-22 07:26:30+00:00 | seen | https://t.me/N0iSeBit/55
2018-06-18 10:12:13+00:00 | seen | https://t.me/SecLabNews/2448
2018-10-20 18:57:59+00:00 | seen | https://t.me/offzonemoscow/27
2018-12-31 06:05:10+00:00 | seen | ...
Intel sees new vulnerabilities again, may be subject to hackers implanting attack scripts - vulnerability warning - the black bar safety net
Reported on May 22: yesterday, Intel and Microsoft announced a new variant of the Spectre and Meltdown security vulnerabilities, “Variant 4”. The new variant uses “Speculative Store Bypass”; the defect enables the processor chip to disclose sensitive information to a potentially unsafe area...
Multiple CPU Hardware Information Disclosure Vulnerabilities
CPU hardware is the firmware that runs in the central processor to manage and control the CPU. Multiple CPU Hardware information disclosure vulnerabilities. The vulnerability arises due to a contention condition in CPU cache processing. A local attacker can exploit the vulnerability to obtain...
BD Kiestra and InoqulA Systems (Update A)
1. EXECUTIVE SUMMARY: CVSS v3 6.3; ATTENTION: Exploitable from adjacent network; Vendor: Becton, Dickinson and Company (BD); Equipment: BD Kiestra and InoqulA systems; Vulnerabilities: Product UI does not Warn User of Unsafe Actions. 2. UPDATE INFORMATION: This updated advisory is a follow-up to the...
Multiple CPU Hardware CVE-2018-3639 Information Disclosure Vulnerability
Description: Multiple CPU Hardware are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected: ARM Cortex A15, ARM Cortex A57, ARM Cortex A72, IBM AIX 5.3, IBM AIX 6.1, IBM AIX 7.1, IBM Aix...
SAP NetWeaver Web Dynpro Information Disclosure
Application: SAP NetWeaver Web Dynpro 6.4 to 7.5 - Information disclosure; Versions Affected: SAP NetWeaver 6.4 - 7.5; Vendor URL: http://SAP.com; Bugs: Information disclosure, Enumerate users; Sent: 2016-12-15; Reported: 2016-12-15; Date of Public Advisory: 09.02.2016; Reference: SAP Security Note 23445...
[SECURITY] Fedora 27 Update: libreoffice-5.4.6.2-6.fc27
LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...
[SECURITY] Fedora 28 Update: libreoffice-6.0.3.2-9.fc28
LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...
April 10, 2018—KB4093112 (OS Build 16299.371)
April 10, 2018—KB4093112 (OS Build 16299.371). Improvements and fixes: This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Provides support to control usage of Indirect Branch Prediction Barrier (IBPB) within some AMD...
8 New Spectre-Class Vulnerabilities (Spectre-NG) Found in Intel CPUs
A team of security researchers has reportedly discovered a total of eight new "Spectre-class" vulnerabilities in Intel CPUs, which also affect at least a small number of ARM processors and may impact AMD processor architecture as well. Dubbed Spectre-Next Generation, or Spectre-NG, the partial...
NVIDIA Tegra Mobile Processor BootROM Recovery Mode Buffer Overflow Vulnerability
NVIDIA Tegra mobile processors are central processor products from NVIDIA Corporation. BootROM Recovery Mode (RCM) is one of the Engineering Mode components that enables data modification. A buffer overflow vulnerability exists in RCM in versions of the NVIDIA Tegra mobile processor prior to 2016. A...
EulerOS 2.0 SP2 : openssl (EulerOS-SA-2018-1115)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms...
OpenJDK: unbounded memory allocation during deserialization in NamedNodeMapImpl (JAXP, 8189993)
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network...
[SECURITY] Fedora 26 Update: libreoffice-5.3.7.2-9.fc26
LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...