Lucene search
K

16 matches found

OSV
OSV
added 2024/08/29 11:15 p.m.11 views

UBUNTU-CVE-2024-1545

Fault Injection vulnerability in RsaPrivateDecryption function in wolfssl/wolfcrypt/src/rsa.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the...

8.8CVSS5.9AI score0.00544EPSS
Exploits0References3
NVD
NVD
added 2024/02/14 10:15 p.m.16 views

CVE-2023-48733

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...

6.7CVSS6.7AI score0.00256EPSS
Exploits0References5
NVD
NVD
added 2024/02/14 10:15 p.m.13 views

CVE-2023-49721

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...

6.7CVSS6.4AI score0.00237EPSS
Exploits0References4
Prion
Prion
added 2024/02/14 10:15 p.m.22 views

Default configuration

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...

4CVSS7AI score0.00256EPSS
Exploits0References4
OSV
OSV
added 2024/02/14 9:57 p.m.4 views

CVE-2023-49721

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...

6.7CVSS7AI score0.00256EPSS
Exploits0References6
CVE
CVE
added 2024/02/14 9:57 p.m.54 views

CVE-2023-49721

CVE-2023-49721 describes an insecure default in Ubuntu’s EDK2 firmware where UEFI Shell access was left enabled in LXD, enabling an OS-resident attacker with local access to bypass Secure Boot. Connected documents corroborate a cross-release pattern (Ubuntu edk2 packages) and note remediation in ...

6.7CVSS6.4AI score0.00237EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2024/02/14 9:57 p.m.20 views

CVE-2023-49721

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...

6.7CVSS6.6AI score0.00237EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2024/02/14 9:57 p.m.15 views

CVE-2023-49721

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...

6.7CVSS6.4AI score0.00237EPSS
Exploits0
CVE
CVE
added 2024/02/14 9:54 p.m.89 views

CVE-2023-48733

Summary: CVE-2023-48733 describes an insecure default in Ubuntu’s EDK2 firmware that enables the UEFI Shell, allowing an OS-resident attacker to bypass Secure Boot locally. What is affected: Ubuntu’s edk2 UEFI firmware packages (EDK2) shipped with a default that enables the UEFI Shell. Root cause...

6.7CVSS6.7AI score0.00256EPSS
Exploits0References5Affected Software2
AlpineLinux
AlpineLinux
added 2024/02/14 9:54 p.m.4 views

CVE-2023-48733

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...

6.7CVSS7.2AI score0.00256EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2024/02/14 9:54 p.m.38 views

CVE-2023-48733

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...

6.7CVSS6.3AI score0.00256EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/02/14 12:0 a.m.11 views

CVE-2023-49721

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...

6.7CVSS6.7AI score0.00237EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/02/14 12:0 a.m.25 views

CVE-2023-48733

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...

6.7CVSS6.8AI score0.00256EPSS
Exploits0References4
Imperva Blog
Imperva Blog
added 2021/06/23 1:37 p.m.201 views

Know your enemy! The four types of cyber attackers trying to breach your security today

As business needs compel organizations to manage an ever-increasing number of database types, both on-premise and in the cloud, the threat surface has also become larger and far more difficult to manage effectively. The bad actors out there know this, too. They are constantly probing, testing, an...

0.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2019/05/08 12:28 p.m.4 views

openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

A microprocessor side-channel vulnerability was found on SMT e.g, Hyper-Threading architectures. An attacker running a malicious process on the same core of the processor as the victim process can extract certain secret information...

4.7CVSS6.9AI score0.03418EPSS
Exploits4References6
RedHat Linux
RedHat Linux
added 2016/12/15 10:11 p.m.5 views

OpenSSL: Side channel attack on modular exponentiation

A side-channel attack was found that makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. An attacker who has the ability to control code in a thread running on the same hyper-threaded core as the victim's thread that is performing decryption, could use this flaw to...

5.1CVSS6.8AI score0.0191EPSS
Exploits1References6
Rows per page
Query Builder