Lucene search

K

Assorted[chips] Security Vulnerabilities

githubexploit
githubexploit

Exploit for Out-of-bounds Write in Apple Ipad Os

Gex is an iOS 14.7 jailbreak using...

6.4AI Score

2021-11-30 02:56 PM
330
nessus
nessus

F5 Networks BIG-IP : Rowhammer hardware vulnerability (K60570139)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K60570139 advisory. Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal ...

9CVSS

9AI Score

0.002EPSS

2023-11-02 12:00 AM
2
vulnrichment
vulnrichment

CVE-2023-52611 wifi: rtw88: sdio: Honor the host max_req_size in the RX path

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host max_req_size in the RX path Lukas reports skb_over_panic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D (G12B) SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he...

7AI Score

0.0004EPSS

2024-03-18 10:07 AM
cve
cve

CVE-2023-52611

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host max_req_size in the RX path Lukas reports skb_over_panic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D (G12B) SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he...

6.8AI Score

0.0004EPSS

2024-03-18 11:15 AM
43
cvelist
cvelist

CVE-2023-52611 wifi: rtw88: sdio: Honor the host max_req_size in the RX path

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host max_req_size in the RX path Lukas reports skb_over_panic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D (G12B) SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he...

7.8AI Score

0.0004EPSS

2024-03-18 10:07 AM
debiancve
debiancve

CVE-2023-52817

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is...

5.5CVSS

6.5AI Score

0.0004EPSS

2024-05-21 04:15 PM
1
ubuntucve
ubuntucve

CVE-2023-52817

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL.....

5.5CVSS

5.3AI Score

0.0004EPSS

2024-05-21 12:00 AM
openvas
openvas

openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0124-1)

The remote host is missing an update for...

8.8CVSS

7.7AI Score

0.011EPSS

2024-03-04 12:00 AM
5
malwarebytes
malwarebytes

Google patches critical vulnerability for Androids with Qualcomm chips

In April’s update for the Android operating system (OS), Google has patched 28 vulnerabilities, one of which is rated critical for Android devices equipped with Qualcomm chips. You can find your device’s Android version number, security update level, and Google Play system level in your Settings...

9.8CVSS

8.6AI Score

0.001EPSS

2024-04-03 08:40 PM
24
nessus
nessus

RHEL 8 : userspace graphics, xorg-x11, and mesa (RHSA-2021:1804)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1804 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical...

7.8CVSS

8.8AI Score

0.001EPSS

2021-05-19 12:00 AM
24
schneier
schneier

Hardware Vulnerability in Apple’s M-Series Chips

It's yet another hardware side-channel attack: The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it’s...

7AI Score

2024-03-28 11:05 AM
9
cve
cve

CVE-2023-52817

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL.....

5.5CVSS

6.6AI Score

0.0004EPSS

2024-05-21 04:15 PM
160
cvelist
cvelist

CVE-2023-52817 drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL.....

5.2AI Score

0.0004EPSS

2024-05-21 03:31 PM
nessus
nessus

macOS and Mac OS X Multiple Vulnerabilities (Security Update 2017-003)

The remote host is running Mac OS X 10.10.5, Mac OS X 10.11.6, or macOS 10.12.5 and is missing a security update. It is therefore, affected by multiple vulnerabilities : An overflow condition exists in the curl component in the dprintf_formatf() function that is triggered when handling...

9.8CVSS

8.7AI Score

0.059EPSS

2017-07-25 12:00 AM
140
nvd
nvd

CVE-2023-52817

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL.....

5.5CVSS

5.2AI Score

0.0004EPSS

2024-05-21 04:15 PM
rapid7blog
rapid7blog

New! Insight Agent Support for ARM-based Windows in InsightVM

We are pleased to introduce Insight Agent support of ARM-based Windows 11 devices for both vulnerability and policy assessment within InsightVM. Customers with Windows 11 devices powered by ARM processors can now take advantage of the great performance and lower power requirements of these chips...

7.1AI Score

2024-05-31 06:34 PM
6
nessus
nessus

Apple iOS < 10.3.3 Multiple Vulnerabilities

The version of Apple iOS running on the mobile device is prior to 10.3.3. It is, therefore, affected by multiple vulnerabilities : A flaw exists in Safari due to inconsistent user interface behavior. An unauthenticated, remote attacker can exploit this, via a malicious website, to spoof...

9.8CVSS

2.3AI Score

0.085EPSS

2017-07-25 12:00 AM
25
malwarebytes
malwarebytes

A week in security (April 1 &#8211; April 7)

A list of topics we covered in the week of April 1 to April 7 of 2024 Last week on Malwarebytes Labs: 60% of small businesses are concerned about cybersecurity threats Cookie consent choices are just being ignored by some websites Bing ad for NordVPN leads to SecTopRAT Jackson County hit by...

7AI Score

2024-04-08 08:18 AM
4
nessus
nessus

Debian DSA-4564-1 : linux - security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2018-12207 It was discovered that on Intel CPUs supporting hardware virtualisation with Extended Page Tables (EPT), a guest VM may...

7.8CVSS

7.8AI Score

0.001EPSS

2019-11-14 12:00 AM
51
nessus
nessus

Debian DLA-1990-1 : linux-4.9 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2018-12207 It was discovered that on Intel CPUs supporting hardware virtualisation with Extended Page Tables (EPT), a guest VM may manipulate the...

7.8CVSS

8AI Score

0.001EPSS

2019-11-14 12:00 AM
17
debiancve
debiancve

CVE-2023-52611

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host max_req_size in the RX path Lukas reports skb_over_panic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D (G12B) SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he...

7AI Score

0.0004EPSS

2024-03-18 11:15 AM
8
thn
thn

Nvidia Powers World's Fastest Supercomputer with Over 7,000 GPUs

Chipmaker Nvidia announced that a new supercomputer built in China, powered by over 7,000 of its graphics processor units (GPUs), is now the world's fastest. This supercomputer, constructed by the National University of Defense Technology and located at the National Supercomputing Center in...

7.1AI Score

2010-10-31 09:15 AM
3
ubuntucve
ubuntucve

CVE-2023-52611

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host max_req_size in the RX path Lukas reports skb_over_panic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D (G12B) SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he...

6.7AI Score

0.0004EPSS

2024-03-18 12:00 AM
8
redhatcve
redhatcve

CVE-2020-10255

A Rowhammer flaw was found in latest DDR4 DRAM hardware chips. These chips implement Target Row Refresh (TRR) mitigation to prevent a Rowhammer flaw-induced bit corruption across memory space. An unprivileged system user may leverage this flaw and use Rowhammer attack variants to induce bit...

9CVSS

1.9AI Score

0.002EPSS

2020-03-10 03:41 PM
20
thn
thn

Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices

Microsoft has emphasized the need for securing internet-exposed operational technology (OT) devices following a spate of cyber attacks targeting such environments since late 2023. "These repeated attacks against OT devices emphasize the crucial need to improve the security posture of OT devices...

7.6AI Score

2024-05-31 01:42 PM
1
redhatcve
redhatcve

CVE-2023-52817

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL In certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL.....

5.5CVSS

5.2AI Score

0.0004EPSS

2024-05-23 11:12 AM
2
openvas
openvas

RedHat Update for kernel RHSA-2014:1143-01

The remote host is missing an update for...

6.9AI Score

0.0004EPSS

2014-09-04 12:00 AM
21
redhatcve
redhatcve

CVE-2021-42114

A Rowhammer flaw was found in the latest DDR4 DRAM hardware chips. This flaw is different from the previously known attack (CVE-2020-10255) by non-uniform patterns of memory access. These DDR4 DRAM hardware chips implement a Target Row Refresh (TRR) mitigation to prevent a Rowhammer flaw-induced...

9CVSS

8.6AI Score

0.002EPSS

2021-11-16 02:44 PM
26
nessus
nessus

Cisco IP Phones Information Disclosure (CVE-2022-20660)

A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device. This vulnerability is due to unencrypted storage of confidential information on an affected device.....

4.6CVSS

4.5AI Score

0.001EPSS

2024-03-18 12:00 AM
4
thn
thn

New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys

A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent...

6.2AI Score

2024-03-25 09:02 AM
24
openvas
openvas

RedHat Update for mesa RHSA-2013:0898-01

The remote host is missing an update for...

6.4AI Score

0.014EPSS

2013-06-04 12:00 AM
15
openvas
openvas

RedHat Update for mesa RHSA-2013:0897-01

The remote host is missing an update for...

6.4AI Score

0.014EPSS

2013-06-04 12:00 AM
5
redhatcve
redhatcve

CVE-2023-52611

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host max_req_size in the RX path Lukas reports skb_over_panic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D (G12B) SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he...

6.9AI Score

0.0004EPSS

2024-03-18 01:22 PM
13
oraclelinux
oraclelinux

kernel security, bug fix, and enhancement update

[5.14.0-427.13.1_4.OL9] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update...

9.8CVSS

7.5AI Score

0.011EPSS

2024-05-02 12:00 AM
6
nvd
nvd

CVE-2023-52611

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host max_req_size in the RX path Lukas reports skb_over_panic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D (G12B) SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he...

7.6AI Score

0.0004EPSS

2024-03-18 11:15 AM
openbugbounty
openbugbounty

chips-corner.com Improper Access Control vulnerability OBB-3795606

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

7AI Score

2023-11-27 01:43 AM
2
talosblog
talosblog

Enter the substitute teacher

Welcome to this week's threat source newsletter with Jon out, you've got me as your substitute teacher. I'm taking you back to those halcyon days of youth and that moment when you found out that you had a sub that day, will I be the teacher that just rolls in the TV cart and delivers the single...

7.7AI Score

2024-03-28 02:00 PM
7
nessus
nessus

openSUSE Security Update : the Linux Kernel (openSUSE-2019-769)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI ...

8.4CVSS

8.8AI Score

0.022EPSS

2019-03-27 12:00 AM
22
nessus
nessus

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6765-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6765-1 advisory. In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed...

7.8CVSS

7.5AI Score

EPSS

2024-05-07 12:00 AM
6
nessus
nessus

Debian DLA-2114-1 : linux-4.9 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2018-13093, CVE-2018-13094 Wen Xu from SSLab at Gatech reported several NULL pointer dereference flaws that may be triggered when mounting and...

9.8CVSS

9.6AI Score

0.048EPSS

2020-03-06 12:00 AM
12
schneier
schneier

How Public AI Can Strengthen Democracy

With the world's focus turning to misinformation, manipulation, and outright propaganda ahead of the 2024 U.S. presidential election, we know that democracy has an AI problem. But we're learning that AI has a democracy problem, too. Both challenges must be addressed for the sake of democratic...

6.9AI Score

2024-03-07 12:00 PM
10
malwarebytes
malwarebytes

Update your iPhones and iPads now: Apple patches security vulnerabilities in iOS and iPadOS

Apple has released a security update for iOS and iPadOS to patch two zero-day vulnerabilities which are reported to already have been exploited. Zero-day vulnerabilities are discovered by attackers before the software company itself - meaning the vendor has 'zero days' to fix them. Both the two...

7.8CVSS

7.1AI Score

0.002EPSS

2024-03-06 12:45 PM
17
nessus
nessus

openSUSE Security Update : the Linux Kernel (openSUSE-2019-2181)

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2017-18551: There was an out of bounds write in the function i2c_smbus_xfer_emulated (bnc#1146163). CVE-2018-20976: A use after free exists, related to ...

9.1CVSS

9.5AI Score

0.019EPSS

2019-09-25 12:00 AM
66
thn
thn

New ZenHammer Attack Bypasses Rowhammer Defenses on AMD CPUs

Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh (TRR). "This result proves that AMD...

7.3AI Score

2024-03-28 10:55 AM
10
nessus
nessus

EulerOS Virtualization for ARM 64 3.0.6.0 : linux-firmware (EulerOS-SA-2020-1997)

According to the versions of the linux-firmware packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka...

9.8CVSS

9.2AI Score

0.201EPSS

2020-09-29 12:00 AM
88
talosblog
talosblog

Not everything has to be a massive, global cyber attack

Some of my Webex rooms recently have been blowing up with memes about blaming Canada or wild speculation that a state-sponsored actor is carrying out some sort of major campaign. After a widespread outage of cellular service with AT&T and other carriers a few weeks ago, people were sure it was...

6.8AI Score

0.0004EPSS

2024-03-14 06:00 PM
15
cert
cert

TCG TPM2.0 implementations vulnerable to memory corruption

Overview Two buffer overflow vulnerabilities were discovered in the Trusted Platform Module (TPM) 2.0 reference library specification, currently at Level 00, Revision 01.59 November 2019. An attacker who has access to a TPM-command interface can send maliciously-crafted commands to the module and.....

8.8CVSS

8.6AI Score

EPSS

2023-02-28 12:00 AM
302
nessus
nessus

openSUSE Security Update : the Linux Kernel (openSUSE-2020-1062)

The openSUSE Leap 15.2 was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-15393: usbtest_disconnect in drivers/usb/misc/usbtest.c had a memory leak, aka CID-28ebeb8db770 (bnc#1173514). CVE-2020-12771: btree_gc_coalesce in ...

5.5CVSS

7.3AI Score

0.001EPSS

2020-07-27 12:00 AM
37
openvas
openvas

Mageia: Security Advisory (MGASA-2017-0395)

The remote host is missing an update for...

5.9CVSS

6.2AI Score

0.004EPSS

2022-01-28 12:00 AM
4
schneier
schneier

How the “Frontier” Became the Slogan of Uncontrolled AI

Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration will drive the next era of growth, wealth, and human flourishing. It's a scary metaphor. Throughout American history, the drive for expansion and the very concept of terrain....

6.8AI Score

2024-02-29 12:00 PM
8
Total number of security vulnerabilities1115