CVSS: 8.8EPSS: 0%CPEs: 761EXPL: 0CVE-2018-3628
https://notcve.org/view.php?id=CVE-2018-3628
10 Jul 2018 — Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet. Desbordamiento de búfer en el manipulador HTTP en Intel Active Management Technology en Intel Converged Security Manageability Engine con versiones de firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x y 11.x podría permitir que un atacante ejecute código arbitrario ... • http://www.securitytracker.com/id/1041362 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 758EXPL: 0CVE-2018-3629
https://notcve.org/view.php?id=CVE-2018-3629
10 Jul 2018 — Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet. Desbordamiento de búfer en el manipulador de eventos en Intel Active Management Technology en Intel Converged Security Manageability Engine con versiones de firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x y 11.x podría permitir que un atacante provoque una den... • http://www.securitytracker.com/id/1041362 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 758EXPL: 0CVE-2018-3632
https://notcve.org/view.php?id=CVE-2018-3632
10 Jul 2018 — Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be triggered by an attacker with local administrator permission on the system. Corrupción de memoria en Intel Active Management Technology en Intel Converged Security Manageability Engine con versiones de firmware 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, 11.6, 11.7, 11.10 y 11.20 podría ser provocada por un atacante con ... • http://www.securitytracker.com/id/1041362 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 0%CPEs: 164EXPL: 0CVE-2018-3652
https://notcve.org/view.php?id=CVE-2018-3652
10 Jul 2018 — Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces. Las restricciones de configuración UEFI existentes para DCI (Direct Connect Interface) en la familia E3 de procesadores Intel Xeon de 5ª y 6ª generación, los procesadores Intel Xeon Scalable y la familia D de proc... • https://security.netapp.com/advisory/ntap-20180802-0001 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 1095EXPL: 0CVE-2018-3693 – Kernel: speculative bounds check bypass store
https://notcve.org/view.php?id=CVE-2018-3693
10 Jul 2018 — Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. Los sistemas con microprocesadores que emplean la ejecución especulativa y la predicción de ramas podría permitir la divulgación no autorizada de información a un atacante con acceso de usuario local mediante un desbordamiento de búfer especulativo y el análisis de canal lateral. ... • https://access.redhat.com/errata/RHSA-2018:2384 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.6EPSS: 1%CPEs: 500EXPL: 0CVE-2018-3640 – Apple Security Advisory 2018-10-30-2
https://notcve.org/view.php?id=CVE-2018-3640
22 May 2018 — Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a. Los sistemas con microprocesadores que emplean la ejecución especulativa y que realizan lecturas especulativas de registros del sistema podrían permitir la divulgación no autorizada de parámetros del sistema a un atacante c... • http://support.lenovo.com/us/en/solutions/LEN-22133 • CWE-203: Observable Discrepancy •
CVSS: 5.6EPSS: 46%CPEs: 665EXPL: 7CVE-2018-3639 – AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass
https://notcve.org/view.php?id=CVE-2018-3639
21 May 2018 — Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. Los sistemas con microprocesadores que emplean la ejecución especulativa y que realizan la ejecución especulativa de lecturas de memoria antes de que se conozcan las direcciones de todas l... • https://packetstorm.news/files/id/147839 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 5.6EPSS: 0%CPEs: 1065EXPL: 1CVE-2018-9056
https://notcve.org/view.php?id=CVE-2018-9056
27 Mar 2018 — Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope. Los sistemas con microprocesadores que utilizan ejecución especulativa podrían permitir la revelación de información no autorizada a un atacante con acceso de usuario local mediante un ataque de canal lateral en el predictor de saltos... • http://www.cs.ucr.edu/~nael/pubs/asplos18.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.6EPSS: 94%CPEs: 1467EXPL: 10CVE-2017-5753 – Multiple CPUs - 'Spectre' Information Disclosure
https://notcve.org/view.php?id=CVE-2017-5753
04 Jan 2018 — Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Los sistemas con microprocesadores con ejecución especulativa y predicción de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de un canal lateral. An industry-wide issue was found in the way many modern microprocessor designs have imp... • https://packetstorm.news/files/id/145645 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 5.6EPSS: 90%CPEs: 1090EXPL: 8CVE-2017-5715 – Multiple CPUs - 'Spectre' Information Disclosure
https://notcve.org/view.php?id=CVE-2017-5715
04 Jan 2018 — Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Los sistemas con microprocesadores con ejecución especulativa y predicción indirecta de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de un canal lateral. An industry-wide issue was found in the way many modern microprocess... • https://packetstorm.news/files/id/145645 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •