CVSS: 8.2EPSS: 0%CPEs: 182EXPL: 0CVE-2018-3627
https://notcve.org/view.php?id=CVE-2018-3627
10 Jul 2018 — Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access. Un error de lógica en Intel Converged Security Management Engine 11.x podría permitir que un atacante ejecute código arbitrario mediante el acceso local privilegiado. • https://security.netapp.com/advisory/ntap-20190327-0006 •
CVSS: 5.6EPSS: 0%CPEs: 481EXPL: 0CVE-2018-3665 – Kernel: FPU state information leakage via lazy FPU restore
https://notcve.org/view.php?id=CVE-2018-3665
14 Jun 2018 — System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel. El software de sistema que emplea la técnica de restauración de estado Lazy FP en los sistemas que emplean microprocesadores de Intel Core podrían permitir que un proceso local infiera datos de otro proceso mediante un canal lateral de ejecución especulativa. A Floating Point Unit (FP... • http://www.securityfocus.com/bid/104460 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.6EPSS: 0%CPEs: 1065EXPL: 1CVE-2018-9056
https://notcve.org/view.php?id=CVE-2018-9056
27 Mar 2018 — Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope. Los sistemas con microprocesadores que utilizan ejecución especulativa podrían permitir la revelación de información no autorizada a un atacante con acceso de usuario local mediante un ataque de canal lateral en el predictor de saltos... • http://www.cs.ucr.edu/~nael/pubs/asplos18.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.6EPSS: 97%CPEs: 1467EXPL: 10CVE-2017-5753 – Multiple CPUs - 'Spectre' Information Disclosure
https://notcve.org/view.php?id=CVE-2017-5753
04 Jan 2018 — Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Los sistemas con microprocesadores con ejecución especulativa y predicción de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de un canal lateral. An industry-wide issue was found in the way many modern microprocessor designs have imp... • https://packetstorm.news/files/id/145645 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 5.6EPSS: 97%CPEs: 1090EXPL: 8CVE-2017-5715 – Multiple CPUs - 'Spectre' Information Disclosure
https://notcve.org/view.php?id=CVE-2017-5715
04 Jan 2018 — Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Los sistemas con microprocesadores con ejecución especulativa y predicción indirecta de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de un canal lateral. An industry-wide issue was found in the way many modern microprocess... • https://packetstorm.news/files/id/145645 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 5.6EPSS: 97%CPEs: 1059EXPL: 6CVE-2017-5754 – hw: cpu: speculative execution permission faults handling
https://notcve.org/view.php?id=CVE-2017-5754
04 Jan 2018 — Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. Los sistemas con microprocesadores con ejecución especulativa y predicción indirecta de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de la caché de los datos. An industry-wide issue was found in the way m... • https://github.com/ionescu007/SpecuCheck • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •