Lucene search
K

34 matches found

Cvelist
Cvelist
added 2025/04/10 3:0 a.m.49 views

CVE-2025-3489 Nababur Simple-User-Management-System register.php cross site scripting

A vulnerability was found in Nababur Simple-User-Management-System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument name/username leads to cross site scripting. The attack may be launched...

5.3CVSS0.00446EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2018-0322)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS7.5AI score0.60631EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2020:3714-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.8AI score0.00511EPSS
Exploits3References2
Intel
Intel
added 2021/05/11 12:0 a.m.56 views

Q2 2018 Speculative Execution Side Channel Update

Summary: Security researchers identified two software analysis methods that, if used for malicious purposes, have the potential to improperly gather sensitive data from multiple types of computing devices with different vendors’ processors and operating systems. Intel is committed to product and...

5.6CVSS5.9AI score0.60631EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2019/03/20 12:0 a.m.356 views

Security Updates for Windows 10 / Windows Server 2016 / Windows Server 2019 (March 2019) (Spectre) (Meltdown) (Foreshadow)

The remote Windows host is missing a security update. It is, therefore, missing microcode updates to address the following vulnerabilities: - Spectre Variant 3a CVE-2018-3640: Rogue System Register Read RSRE. - Spectre Variant 4 CVE-2018-3639: Speculative Store Bypass SSB - L1TF CVE-2018-3620,...

5.6CVSS7.2AI score0.60631EPSS
Exploits2References11
IBM Security Bulletins
IBM Security Bulletins
added 2018/10/31 8:10 p.m.67 views

Security Bulletin: IBM API Connect is affected by multiple third-party vulnerabilities (Node.js, nghttp2, Linux, Intel CPU, Android)

Summary API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-13094 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a flaw in the xfsdashrinkinode function in fs/xfs/libxfs/xfsattrleaf.c. By persuading a victim to open a...

8.8CVSS0.7AI score0.7354EPSS
Exploits10Affected Software1
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.20 views

Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value

Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value Here's a code snippet from sleh.c with the second level exception handler for undefined instruction exceptions: static void handleuncategorizedarmsavedstatet state, booleant instrLen2 exceptiontypet exception =...

7AI score
Exploits0
Lenovo
Lenovo
added 2018/09/13 11:41 a.m.1069 views

Speculative Execution Side Channel Variants 4 and 3a - US

Lenovo Security Advisory: LEN-22133 Potential Impact: Malicious code running locally may be able to observe contents of privileged memory or registers, circumventing expected privilege levels Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3639, CVE-2018-3640 Summary...

4.9CVSS7AI score0.93838EPSS
Exploits14
Cloud Foundry
Cloud Foundry
added 2018/09/11 12:0 a.m.549 views

USN-3756-1: Intel Microcode vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Canonical Ubuntu 16.04 Description It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also kno...

5.6CVSS6.4AI score0.60631EPSS
Exploits2
OpenVAS
OpenVAS
added 2018/08/28 12:0 a.m.270 views

Ubuntu: Security Advisory (USN-3756-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS8AI score0.60631EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2018/08/28 12:0 a.m.89 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Intel Microcode vulnerabilities (USN-3756-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3756-1 advisory. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is...

5.6CVSS7.3AI score0.60631EPSS
Exploits2References4
OSV
OSV
added 2018/08/27 6:48 p.m.6 views

USN-3756-1 intel-microcode vulnerabilities

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault L1TF. A local attacker in a guest virtual machine could use this to expose sensitive...

5.6CVSS7.1AI score0.60631EPSS
Exploits2References4
Ubuntu
Ubuntu
added 2018/08/27 6:48 p.m.104 views

USN-3756-1: Intel Microcode vulnerabilities

It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault L1TF. A local attacker in a guest virtual machine could use this to expose sensitive...

5.6CVSS7.2AI score0.60631EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2018/08/24 12:0 a.m.1911 views

Security Updates for Windows 10 / Windows Server 2016 (August 2018) (Spectre) (Meltdown) (Foreshadow)

The remote Windows host is missing a security update. It is, therefore, missing microcode updates to address Rogue System Register Read RSRE, Speculative Store Bypass SSB, L1 Terminal Fault L1TF, and Branch Target Injection vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if...

7.3CVSS7.2AI score0.60631EPSS
Exploits2References11
Mageia
Mageia
added 2018/07/25 8:24 a.m.74 views

Updated microcode packages fix security vulnerability

This microcode update provides the first set of fixes for Speculative Store Bypass SSBD, Spectre v4, CVE-2018-3639 and Rogue System Register Read RSRE, Spectre v3a, CVE-2018-3640 for Intel Sandybridge server, Ivy Bridge server, Haswell server, Skylake server, Broadwell server, a few HEDT Core i7/...

5.6CVSS2.3AI score0.60631EPSS
Exploits2References1
OSV
OSV
added 2018/07/25 8:24 a.m.11 views

MGASA-2018-0322 Updated microcode packages fix security vulnerability

This microcode update provides the first set of fixes for Speculative Store Bypass SSBD, Spectre v4, CVE-2018-3639 and Rogue System Register Read RSRE, Spectre v3a, CVE-2018-3640 for Intel Sandybridge server, Ivy Bridge server, Haswell server, Skylake server, Broadwell server, a few HEDT Core i7/...

5.6CVSS6.2AI score0.60631EPSS
Exploits2References2
SonicWall
SonicWall
added 2018/05/24 12:0 a.m.13 views

Rogue System Register Read (RSRE) – also known as Variant 3a

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read RSRE, Variant 3a. CVE:...

4.3CVSS5.2AI score0.07556EPSS
Exploits0
NVD
NVD
added 2018/05/22 12:29 p.m.28 views

CVE-2018-3640

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read RSRE, Variant 3a...

5.6CVSS5.2AI score0.07556EPSS
Exploits0References22
OSV
OSV
added 2018/05/22 12:29 p.m.1 views

DEBIAN-CVE-2018-3640

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read RSRE, Variant 3a...

5.6CVSS5.3AI score0.07556EPSS
Exploits0References1
OSV
OSV
added 2018/05/22 12:29 p.m.17 views

CVE-2018-3640

Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read RSRE, Variant 3a...

5.6CVSS6AI score0.60631EPSS
Exploits2References25
Rows per page
Query Builder