CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

111 matches found

Debian CVE•added 2022/07/12 12:0 a.m.•55 views

CVE-2022-29901

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under...

6.5CVSS7.2AI score0.04947EPSS

Exploits0

Amd•added 2022/07/12 12:0 a.m.•184 views

AMD CPU Branch Type Confusion

Bulletin ID: AMD-SB-1037 Potential Impact: Information disclosure, arbitrary speculative code execution Severity: Medium Summary This security bulletin addresses two issues related to CVE-2017-5715 previously known as Spectre Variant 2. As part of our efforts to continue improving security...

6.5CVSS7.6AI score0.74041EPSS

Exploits8

Tenable Nessus•added 2021/06/28 12:0 a.m.•40 views

OracleVM 3.4 : xen (OVMSA-2021-0020)

The remote OracleVM system is missing necessary patches to address security updates: - Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access. CVE-2021-0089 - Potential speculative code store bypass in a...

7.1CVSS6.3AI score0.01019EPSS

Exploits0References9

OSV•added 2021/06/24 2:15 p.m.•4 views

DEBIAN-CVE-2021-29955

A transient execution vulnerability, named Floating Point Value Injection FPVI allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. A related vulnerability, Speculative Code Store Bypass SCSB, did not affect Firefox.. This vulnerability...

5.3CVSS6.2AI score0.01522EPSS

Exploits0References1

Prion•added 2021/06/09 12:15 p.m.•24 views

Design/Logic Flaw

Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage...

2.1CVSS6.4AI score0.00328EPSS

Exploits0References1Affected Software1

CVE•added 2021/06/09 11:23 a.m.•101 views

CVE-2021-26313

CVE-2021-26313 describes a speculative code store bypass affecting AMD CPUs where speculative execution of overwritten instructions may leak data. AMD’s bulletin AMD-SB-1003 maps the CVE to all currently supported CPU products, noting potential data leakage and recommending mitigations, including...

5.5CVSS6.6AI score0.00328EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/06/09 11:23 a.m.•22 views

CVE-2021-26313 AMD Speculative Code Store Bypass

6.8AI score0.00328EPSS

Exploits0References1

Debian CVE•added 2021/06/09 11:23 a.m.•23 views

CVE-2021-26313

5.5CVSS3.9AI score0.00328EPSS

Exploits0

OpenVAS•added 2021/06/09 12:0 a.m.•20 views

SUSE: Security Advisory (SUSE-SU-2018:2332-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.3AI score0.08101EPSS

Exploits2References20

Xen Project•added 2021/06/08 5:0 p.m.•143 views

Speculative Code Store Bypass

ISSUE DESCRIPTION Modern superscalar processors may employ sophisticated decoding and caching of the instruction stream to improve performance. However, a consequence is that self-modifying code updates may not take effect instantly. Whatever the architectural guarantees, some CPUs have...

6.5CVSS1.1AI score0.00372EPSS

Exploits0

OpenVAS•added 2021/04/19 12:0 a.m.•11 views

SUSE: Security Advisory (SUSE-SU-2018:2345-1)

7.8CVSS7.5AI score0.08101EPSS

Exploits0References5

OpenVAS•added 2021/04/19 12:0 a.m.•18 views

SUSE: Security Advisory (SUSE-SU-2018:2353-1)

7.8CVSS7.5AI score0.08101EPSS

Exploits0References6

OpenVAS•added 2021/04/19 12:0 a.m.•24 views

SUSE: Security Advisory (SUSE-SU-2018:2359-1)