Lucene search
K

452 matches found

UbuntuCve
UbuntuCve
added 2020/06/08 11:15 p.m.18 views

CVE-2020-13844

Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation."...

5.5CVSS7AI score0.00504EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2020/05/04 12:0 a.m.32 views

openSUSE Security Update : xen (openSUSE-2020-599)

This update for xen fixes the following issues : Security issues fixed : - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy bsc1169392. - CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues bsc1168140. - CVE-2020-11739: Missing memory barriers in read-write unlock paths...

8.8CVSS6.7AI score0.00527EPSS
Exploits1References17
OSV
OSV
added 2020/04/28 5:49 a.m.9 views

SUSE-SU-2020:1124-1 Security update for xen

This update for xen fixes the following issues: Security issues fixed: - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy bsc1169392. - CVE-2020-11740, CVE-2020-11741: xen: XSA-313 multiple xenoprof issues bsc1168140. - CVE-2020-11739: Missing memory barriers in read-write unlock paths...

8.8CVSS6.9AI score0.00527EPSS
Exploits1References18
CNVD
CNVD
added 2020/04/15 12:0 a.m.1 views

Big Research Insider Edition has a dll hijacking vulnerability

Big Research Insider Edition is a stock speculation software. Big Research Insider Edition suffers from a dll hijacking vulnerability, which can be exploited by attackers to load a malicious dll and execute arbitrary code...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2020/04/08 10:16 p.m.25 views

CVE-2019-7308

A bypass was found for the Spectre v1 hardening in the eBPF engine of the Linux kernel. The code in the kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize,...

5.6CVSS1.4AI score0.00543EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2020/01/15 12:0 a.m.100 views

Unbreakable Enterprise kernel security update

2.6.39-400.318.1 - x86/speculation: Determine swapgs before alternative instructions are set Patrick Colp Orabug: 30379640 - scsi: libsas: delete sas port if expander discover failed Jason Yan Orabug: 30580689 CVE-2019-15807...

4.7CVSS1.7AI score0.00405EPSS
Exploits0
Xen Project
Xen Project
added 2020/01/14 2:21 p.m.58 views

arm: a CPU may speculate past the ERET instruction

ISSUE DESCRIPTION Some CPUs can speculate past an ERET instruction and potentially perform speculative accesses to memory before processing the exception return. Since the register state is often controlled by lower privilege level i.e guest kernel/userspace at the point of the ERET, this could...

1.8AI score
Exploits0
Oracle linux
Oracle linux
added 2019/11/26 12:0 a.m.55 views

kernel security and bug fix update

3.10.0-1062.7.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.7.1 - drm drm/i915/cmdparser: Fix jump whitelist clearing Dave Airlie...

8.8CVSS0.1AI score0.03133EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2019/11/22 12:0 a.m.44 views

OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0056)

The remote OracleVM system is missing necessary patches to address critical security updates : - ocfs2: protect extent tree in ocfs2prepareinodeforwrite Shuning Zhang Orabug: 30036349 - ocfs2: direct-IO: protect getblocks Junxiao Bi Orabug: 30036349 - SUNRPC: Remove xprtconnectstatus Trond...

7.8CVSS7AI score0.03784EPSS
Exploits6References13
Oracle linux
Oracle linux
added 2019/11/20 12:0 a.m.88 views

Unbreakable Enterprise kernel security update

4.1.12-124.33.4 - ocfs2: protect extent tree in ocfs2prepareinodeforwrite Shuning Zhang Orabug: 30036349 - ocfs2: direct-IO: protect getblocks Junxiao Bi Orabug: 30036349 - SUNRPC: Remove xprtconnectstatus Trond Myklebust Orabug: 30165838 - SUNRPC: Handle ENETDOWN errors Trond Myklebust Orabug:...

7.8CVSS7.8AI score0.94686EPSS
Exploits7
Amazon
Amazon
added 2019/11/14 12:0 a.m.42 views

Medium: microcode_ctl, kernel

Issue Overview: This security update is only applicable to EC2 Bare Metal instance types using Intel processors. Intel has released microcode updates for certain Intel CPUs. After installing the updated microcodectl package, the microcode will be automatically activated on next boot. Improper...

6.5CVSS7.4AI score0.03133EPSS
Exploits0
Oracle linux
Oracle linux
added 2019/11/14 12:0 a.m.88 views

kernel security update

3.10.0-1062.4.3.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.4.3 - drm drm/i915/cmdparser: Fix jump whitelist clearing Dave Airlie...

7.8CVSS0.5AI score0.03133EPSS
Exploits0
Oracle linux
Oracle linux
added 2019/11/14 12:0 a.m.76 views

kernel security update

3.10.0-1062.4.2.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 3.10.0-1062.4.2 - drm drm/i915: Lower RM timeout to avoid DSI hard hangs Dave Airli...

7.8CVSS0.5AI score0.03133EPSS
Exploits0
Oracle linux
Oracle linux
added 2019/11/12 12:0 a.m.67 views

Unbreakable Enterprise kernel security update

2.6.39-400.315.1.1 - x86/tsx: Add config options to set tsx=on|off|auto Michal Hocko Orabug: 30419231 CVE-2019-11135 - x86/speculation/taa: Add documentation for TSX Async Abort Pawan Gupta Orabug: 30419231 CVE-2019-11135 - x86/tsx: Add 'auto' option to TSX cmdline parameter Pawan Gupta Orabug:...

6.5CVSS0.4AI score0.03133EPSS
Exploits0
Oracle linux
Oracle linux
added 2019/09/12 12:0 a.m.103 views

kernel security and bug fix update

4.18.0-80.11.10.OL8 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 4.18.0-80.11.10 - wireless mwifiex: Don't abort on small, spec-compliant...

8.8CVSS8.6AI score0.52199EPSS
Exploits28
Oracle linux
Oracle linux
added 2019/09/09 12:0 a.m.163 views

Unbreakable Enterprise kernel security update

2.6.39-400.314.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 30165287 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 30165287 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1 swapgs...

5.6CVSS2AI score0.04521EPSS
Exploits4
Oracle linux
Oracle linux
added 2019/09/05 12:0 a.m.84 views

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.38.1 - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 30165288 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 30165288 CVE-2019-1125 - x86/speculation: Prepare entry code for Spectre v1...

5.6CVSS2AI score0.04521EPSS
Exploits4
Oracle linux
Oracle linux
added 2019/08/15 12:0 a.m.147 views

Unbreakable Enterprise kernel security update

4.14.35-1902.4.8 - x86/boot: Clear RSDP address in bootparams for broken loaders Juergen Gross Orabug: 30111373 4.14.35-1902.4.7 - rds: ib: Qualify CM REQ duplicate detection with connection being up Hakon Bugge Orabug: 30062149 - rds: Further prioritize local loop-back connections Hakon Bugge...

7.8CVSS0.52199EPSS
Exploits25
Oracle linux
Oracle linux
added 2019/08/14 12:0 a.m.225 views

kernel security and bug fix update

2.6.32-754.18.2.OL6 - Update genkey bug 25599697 2.6.32-754.18.2 - x86 x86/speculation: Enable Spectre v1 swapgs mitigations Waiman Long 1724512 CVE-2019-1125 - x86 x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations Waiman Long 1724512 CVE-2019-1125 2.6.32-754.18.1 - virt xenbu...

7.8CVSS0.5AI score0.04521EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.231 views

OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0038)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 29967571 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 29967571...

7.2CVSS7.1AI score0.04521EPSS
Exploits4References6
Rows per page
Query Builder