Lucene search
K

5012 matches found

CVE
CVE
added 2017/02/27 7:25 a.m.55 views

CVE-2017-5925

CVE-2017-5925 describes an Intel MMU page-table walk side-channel vulnerability where, during virtual-to-physical address translation, the MMU leaves traces in the last-level cache, enabling a JavaScript-based attack to leak data and code pointers and break ASLR. Connected sources note that the A...

7.5CVSS7.3AI score0.01581EPSS
Exploits1References3Affected Software20
CVE
CVE
added 2017/02/27 7:25 a.m.64 views

CVE-2017-5927

CVE-2017-5927 affects ARM processors where page table walks by the MMU during virtual-to-physical address translation leave traces in the last-level cache. A side-channel attack via JavaScript can infer memory and code pointers, breaking ASLR. The linked SUSE entry and related coverage confirm th...

7.5CVSS7.3AI score0.01581EPSS
Exploits1References3Affected Software20
Cvelist
Cvelist
added 2017/02/27 7:25 a.m.27 views

CVE-2017-5926

Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR...

7.4AI score0.01581EPSS
Exploits1References3
OSV
OSV
added 2017/02/22 4:59 p.m.3 views

DEBIAN-CVE-2016-9378

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging an incorrect choice for software interrupt delivery...

5.5CVSS6.2AI score0.00341EPSS
Exploits0References1
OSV
OSV
added 2017/02/22 4:59 p.m.2 views

DEBIAN-CVE-2016-9377

Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service guest crash by leveraging IDT entry miscalculation...

5.5CVSS8.5AI score0.0039EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2017/02/03 9:12 a.m.64 views

USN-3189-1: Linux kernel vulnerabilities

Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon mcryptd in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service system crash. CVE-2016-10147 Qidan He discovered that the...

7.6CVSS6.6AI score0.02341EPSS
Exploits0
Lenovo
Lenovo
added 2017/01/25 12:0 a.m.14 views

Intel Processor Memory Sinkhole Vulnerability

Lenovo Security Advisory: LEN-3748 Summary: Memory Sinkhole Vulnerability Description: In August 2015 at the Black Hat security conference, researcher Chris Domas presented a vulnerability found in Intel x86 processors manufactured between 1997 and 2010 prior to the Sandy Bridge generation. Throu...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2017/01/17 11:0 a.m.8 views

SHA-1 End Times Have Arrived

For the past couple of years, browser makers have raced to migrate from SHA-1 to SHA-2 as researchers have intensified warnings about collision attacks moving from theoretical to practical. In just weeks, a transition deadline set by Google, Mozilla and Microsoft for the deprecation of SHA-1 is u...

6.7AI score
Exploits0References12
Ubuntu
Ubuntu
added 2017/01/11 8:26 a.m.93 views

USN-3169-4: Linux kernel (Qualcomm Snapdragon) vulnerabilities

Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture ALSA subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2016-9794 Andrey Konovalov discovered that signed integer...

7.8CVSS6.5AI score0.01566EPSS
Exploits8
0day.today
0day.today
added 2016/11/23 12:0 a.m.125 views

Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) Exploit

Exploit for hardware platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' Payload working status: MIPS: - all valid payloads working the ones that we are able to send...

9.2AI score0.79947EPSS
Exploits6
Exploit DB
Exploit DB
added 2016/11/21 12:0 a.m.90 views

D-Link DIR-Series Routers - HNAP Login Stack Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' Payload working status: MIPS: - all valid payloads working the ones that we are able to send without null bytes ARM: - inline rev/bind shell works...

10CVSS7.4AI score0.79947EPSS
Exploits6
ThreatPost
ThreatPost
added 2016/11/18 12:45 p.m.16 views

Qualcomm and HackerOne Partner on Bounty Program

Qualcomm kicked off its first bug bounty program Thursday, opening the door for white hat hackers to find flaws in a dozen Snapdragon mobile chipsets and related software. Rewards for the invite-only bug bounty program top $15,000 each. HackerOne will facilitate Qualcomm’s bounty program; the...

0.1AI score
Exploits0References6
Oracle linux
Oracle linux
added 2016/11/09 12:0 a.m.121 views

glibc security, bug fix, and enhancement update

2.17-157 - Rebuild with updated binutils 1268008 2.17-156 - malloc arena free free list management fix 1276753 2.17-155 - Basic validity check for locale-archive.tmpl 1350733 2.17-153 - Add Intel AVX-512 optimized routines 1298526. 2.17-151 - Improve malloc peformance in low-memory situations...

8.1CVSS8.3AI score0.89557EPSS
Exploits17
Ubuntu
Ubuntu
added 2016/08/30 4:28 p.m.73 views

USN-3070-3: Linux kernel (Qualcomm Snapdragon) vulnerabilities

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. CVE-2016-1237 Kangjie Lu discovered an information leak in the Reliable Datagram Sockets RDS implementation in the Linux kernel. A local attacke...

7.8CVSS7.5AI score0.15073EPSS
Exploits3
Ubuntu
Ubuntu
added 2016/08/10 10:58 a.m.89 views

USN-3057-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privileges. CVE-2016-3135 It was...

7.8CVSS7.3AI score0.01009EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2016/08/01 12:0 a.m.48 views

Debian DLA-571-1 : xen security update (Bunker Buster)

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2014-3672 XSA-180 Andrew Sorensen discovered that a HVM domain can exhaust the hosts disk space by filling up the log file. CVE-2016-3158,...

8.8CVSS7.3AI score0.00916EPSS
Exploits0References10
The Hacker News
The Hacker News
added 2016/07/18 7:1 a.m.8 views

Japan's Softbank buys semiconductor giant ARM for $32 Billion in Cash

Japanese telecommunication giant SoftBank has confirmed that the company intends to acquire UK chip designer ARM Holdings for almost $32 Billion £24.3 Billion in an all-cash deal. ARM has also agreed to this offer from SoftBank and said that its board would recommend the all-cash deal to...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2016/06/21 4:16 a.m.6 views

China develops the World's Most Powerful Supercomputer without US chips

China beats its own record with the World's fastest supercomputer. Sunway TaihuLight, a newly built supercomputer from China, now ranks as the world's most powerful machine. During the International Supercomputer Conference in Germany on Monday, Top500 declared China's 10.65 Million-core Sunway...

6.8AI score
Exploits0
Fedora
Fedora
added 2016/05/07 1:30 p.m.16 views

[SECURITY] Fedora 24 Update: i7z-0.27.2-16.20150629gitec09c4f.fc24

i7z is a CLI curses based monitoring tool for Intel Core i7, i5 and i3 processors...

2.8AI score
Exploits0
Fedora
Fedora
added 2016/04/28 9:53 p.m.20 views

[SECURITY] Fedora 23 Update: i7z-0.27.2-16.20150629gitec09c4f.fc23

i7z is a CLI curses based monitoring tool for Intel Core i7, i5 and i3 processors...

2.8AI score
Exploits0
Rows per page
Query Builder