Lucene search
K

2279 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000205)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000205 advisory. An information disclosure vulnerability exists when certain central processing units CPU speculatively access memory. An attacker who successfully exploited the...

5.6CVSS7.1AI score0.04521EPSS
Exploits4References4
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.10 views

PT-2026-27719

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's x86/fred component related to speculative safety within the fred extint function. The array index nospec function was not effectively utilized to...

9.8CVSS5.9AI score0.0049EPSS
Exploits0References468
Redos
Redos
added 2025/12/19 12:0 a.m.7 views

ROS-20251219-7302

Vulnerability in chromium is related to speculative race conditions that can lead to access to already freed memory areas in case of incorrect prediction of code branches by the processor. Exploitation of the vulnerability could allow an attacker to access protected memory from a program without...

4.7CVSS7.1AI score0.00168EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991276)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991276 advisory. A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an...

4.7CVSS7.1AI score0.0616EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/12/11 12:3 a.m.7 views

CVE-2025-63094

XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache...

7.5CVSS7AI score0.0049EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/10 6:30 p.m.5 views

EUVD-2025-202587

XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache...

6.5AI score0.0049EPSS
Exploits1References3
NVD
NVD
added 2025/12/10 6:16 p.m.4 views

CVE-2025-63094

XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache...

7.5CVSS0.0049EPSS
Exploits1References2
OSV
OSV
added 2025/12/10 6:16 p.m.4 views

CVE-2025-63094

XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache...

7.5CVSS5.9AI score0.0049EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.5 views

XiangShan安全漏洞

XiangShan is an open source high performance RISC-V processor project open sourced by XiangShan in China. A security vulnerability exists in XiangShan that stems from speculative execution and indirect branch prediction that could lead to a side-channel analysis attack...

7.5CVSS6.6AI score0.0049EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/10 12:0 a.m.27 views

CVE-2025-63094

XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache...

0.0049EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/12/10 12:0 a.m.2 views

CVE-2025-63094

XiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackers to access sensitive information via side-channel analysis of the data cache...

6.6AI score0.0049EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.5 views

PT-2025-50363

Name of the Vulnerable Software and Affected Versions XiangShan Nanhu V2 XiangShan Kunmighu V3 Description The software uses speculative execution and indirect branch prediction, potentially allowing attackers to access sensitive information through side-channel analysis of the data cache...

6.5AI score0.0049EPSS
Exploits1References4
CVE
CVE
added 2025/12/10 12:0 a.m.24 views

CVE-2025-63094

XiangShan Nanhu V2 and XiangShan Kunmighu V3 are affected by a speculative execution/indirect branch prediction vulnerability that enables side-channel access to data in the cache, allowing potential disclosure of sensitive information. Exploitation details are not provided in the connected docum...

7.5CVSS6.6AI score0.0049EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/11/12 11:15 a.m.6 views

UBUNTU-CVE-2025-40143

In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpfsccvisit on speculative path Syzbot generated a program that triggers a verifierbug call in maybeexitscc. maybeexitscc assumes that, when called for a state with insnidx in some SCC,...

4.6CVSS5.9AI score0.0022EPSS
Exploits0References10
CVE
CVE
added 2025/11/12 10:23 a.m.16 views

CVE-2025-40143

CVE-2025-40143 concerns the Linux kernel BPF verifier. Syzbot-generated input could trigger a verifier_bug() in maybe_exit_scc() when processing a state inside an SCC, under speculative execution paths. The root cause was an assumption that an existing bpf_scc_visit instance always accompanies a ...

6AI score0.0022EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/11/10 4:21 a.m.3 views

microcode_ctl: From CVEorg collector

New Spectre-v2 attack classes have been discovered within CPU architectures that enable self-training exploitation of speculative execution within the same privilege domain. These novel techniques bypass existing hardware and software mitigations, including IBPB, eIBRS, and BHINO, by leveraging...

5.7CVSS6AI score0.00371EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990585)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990585 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB...

5.5CVSS6.2AI score0.00276EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.4 views

Astra Linux – Vulnerability in pam

A vulnerability was discovered in PAM. Secret information is stored in memory, and the attacker can trigger the victim’s program to execute by sending characters to its standard input stdin. During this process, the attacker can instruct the branch predictor to execute a ROP chain speculatively...

4.7CVSS6.6AI score0.00265EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.5 views

Siemens SIMATIC Devices Improper Control of Resource Identifiers (CVE-2024-42265)

"In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for...

5.5CVSS6.3AI score0.00281EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-15519

Malware in sbrugna...

5.6CVSS6.9AI score0.00611EPSS
Exploits0References29
Rows per page
Query Builder