Search results
Results from the WOW.Com Content Network
Common Vulnerabilities and Exposures (CVE) is a dictionary of common names (i.e., CVE Identifiers) for publicly known information security vulnerabilities. CVE's common identifiers make it easier to share data across separate network security databases and tools, and provide a baseline for evaluating the coverage of an organization's security ...
The Common Attack Pattern Enumeration and Classification or CAPEC is a catalog of known cyber security attack patterns [1] to be used by cyber security professionals to prevent attacks.
Speculative Store Bypass (SSB) (CVE-2018-3639) is the name given to a hardware security vulnerability and its exploitation that takes advantage of speculative execution in a similar way to the Meltdown and Spectre security vulnerabilities. [1] It affects the ARM, AMD and Intel families of processors.
[4] At the same time, according to Dell: "No 'real-world' exploits of these vulnerabilities [i.e., Meltdown and Spectre] have been reported to date [7 February 2018], though researchers have produced proof-of-concepts." [77] [78] Several procedures to help protect home computers and related devices from the vulnerability have been published.
aCropalypse (CVE-2023-21036) was a vulnerability in Markup, a screenshot editing tool introduced in Google Pixel phones with the release of Android Pie. The vulnerability, discovered in 2023 by security researchers Simon Aarons and David Buchanan, allows an attacker to view an uncropped and unaltered version of a screenshot.
Common Weakness Enumeration (CWE) logo. The Common Weakness Enumeration (CWE) is a category system for hardware and software weaknesses and vulnerabilities.It is sustained by a community project with the goals of understanding flaws in software and hardware and creating automated tools that can be used to identify, fix, and prevent those flaws. [1]
The BlueKeep security vulnerability was first noted by the UK National Cyber Security Centre [2] and, on 14 May 2019, reported by Microsoft. The vulnerability was named BlueKeep by computer security expert Kevin Beaumont on Twitter. BlueKeep is officially tracked as: CVE-2019-0708 and is a "wormable" remote code execution vulnerability. [5] [6]
The vulnerability was first reported to Microsoft by security researcher Tom Tervoort from Secura on 17 August 2020 and dubbed "Zerologon". [ 1 ] [ 3 ] Zerologon was given a Common Vulnerability Scoring System v3.1 severity ranking of 10 by the U.S. American National Institute of Standards and Technology and a 5.5 by Microsoft.