Search results
Results from the WOW.Com Content Network
The "!CVE" (not CVE) project, announced in 2023, aims to collect vulnerabilities that are denied by vendors, so long as they are considered valid by a panel of experts from the project. [16] CVE identifiers have been awarded for bogus issues and issues without security consequences. [17]
In August 2023 a vulnerability in AMD's Zen 1, Zen 2, Zen 3, and Zen 4 microarchitectures called Inception [61] [62] was revealed and assigned CVE-2023-20569. According to AMD it is not practical but the company will release a microcode update for the affected products.
LogoFAIL is a security vulnerability and exploit thereof that affects computer motherboard firmware with TianoCore EDK II, including Insyde Software's InsydeH2O modules and similar code in AMI and Phoenix firmware, which are commonly found on both Intel and AMD motherboards, and which enable loading of custom boot logos.
The Downfall vulnerability was discovered by the security researcher Daniel Moghimi, who publicly released information about the vulnerability in August 2023, after a year-long embargo period. [5] [6] Intel promised microcode updates to resolve the vulnerability. [1]
Reptar is a CPU vulnerability discovered in late 2023, affecting a number of recent families of Intel x86 CPUs. According to The Register, the following CPU families are vulnerable: Alder Lake, Raptor Lake and Sapphire Rapids. [1] The Reptar vulnerability relates to processing of x86 instruction prefixes in ways that lead to unexpected behavior ...
In August 2023, the NVD initially marked an integer overflow bug in old versions of cURL as a 9.8 out of 10 critical vulnerability. cURL lead developer Daniel Stenberg responded by saying this was not a security problem, the bug had been patched nearly 4 years prior, requested the CVE be rejected, and accused NVD of "scaremongering" and ...
The attack exploits the CVE-2023-41990, CVE-2023-32434 and CVE-2023-38606 zero-day vulnerabilities in these stages. After passing a check, the script on the web page additionally exploits the CVE-2023-32435 vulnerability and loads binary code into the device's memory, gaining root privileges and performing a more detailed check of the ...
aCropalypse (CVE-2023-21036) was a vulnerability in Markup, a screenshot editing tool introduced in Google Pixel phones with the release of Android Pie.The vulnerability, discovered in 2023 by security researchers Simon Aarons and David Buchanan, allows an attacker to view an uncropped and unaltered version of a screenshot.