11 matches found
CVE-2017-5715
CVE-2017-5715 (Spectre Variant 2) describes speculative-execution side-channel issues used to disclose memory. Connected docs show concrete mitigations and impact across vendors: AMD notes that LFENCE/JMP mitigation (V2-2) may be insufficient on some CPUs; AMD recommends standard mitigations (ret...
CVE-2017-5753
CVE-2017-5753 is part of the Spectre family (Variant 1) described in the SPECTRE_MELTDOWN_ADVISORY: it involves speculative execution and a bounds-check bypass that can enable an unprivileged attacker to read privileged memory via cache timing analysis. IBM’s AIX/VIOS advisories and iFixes addres...
CVE-2018-3639
CVE-2018-3639 is a speculative execution side‑channel vulnerability (SSB) that can leak memory via speculative stores. The Connected ALMA doc notes a mitigation: SSB is disabled by the new alt-java launcher, reducing impact at the cost of performance, and it references OpenJDK 8u282 as part of th...
CVE-2017-5754
CVE-2017-5754 is the Meltdown vulnerability: a speculative-execution side-channel in kernels could allow a local attacker to read privileged memory. Apple documents show Meltdown affecting Kernel on iOS/macOS/watchOS with related entries (e.g., CVE-2017-5754) and list mitigation via security upda...
CVE-2018-3693
CVE-2018-3693 (Spectre-NG Variant 1.1) affects speculative execution/branch-prediction CPUs and can allow local attackers to read memory via side-channels. Connected docs show F5 advisories for BIG-IP, BIG-IQ, and Traffix SDC listing affected platforms and indicate exposure is local (requires aut...
CVE-2018-3615
CVE-2018-3615 (L1 Terminal Fault: SGX) is a speculative‑execution side‑channel vulnerability affecting Intel SGX: a local attacker can exfiltrate data from an SGX enclave through the L1 data cache. The underlying cause is transient execution that, after a fault is raised, can still leak cache dat...
CVE-2018-3640
CVE-2018-3640 affects macOS EFI/Hypervisor components on macOS High Sierra 10.13.6 and Mojave 10.14, where systems with speculative execution and speculative reads of system registers may leak information via a side‑channel. The root cause is speculative execution side‑channel disclosures; a micr...
CVE-2021-0144
CVE-2021-0144 (Intel BSSA DFT) is triggered by insecure default variable initialization in the BIOS Shared SW Architecture Design for Test feature, enabling local privilege escalation for authenticated/privileged users. Public adapters include Intel’s advisory INTEL-SA-00525 and related vendor bu...
CVE-2021-0114
CVE-2021-0114 refers to an unchecked return value in the firmware for some Intel processors that could enable a local attacker to escalate privileges. The vulnerability is documented across multiple advisories (Intel IPU BIOS advisory and IBM HP/IBM QRadar related notes) and is described as a loc...
CVE-2018-9056
CVE-2018-9056 (BranchScope) describes a side-channel vulnerability affecting processors using speculative execution, enabling local attackers to infer memory contents through the Branch Prediction Unit’s patterns, notably the Pattern History Table (PHT). Documents consistently reference a hardwar...
CVE-2018-3652
CVE-2018-3652 relates to UEFI DCI (Direct Connect Interface) restrictions on 5th/6th gen Intel Xeon E3, Xeon Scalable, and Xeon D processors. The issue could allow a limited physical presence attacker to access platform secrets via debug interfaces when DCI policy/UEFI controls are in effect. The...