Vulnerabilities (CVE)

Filtered by vendor Scontain Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-38023 2 Intel, Scontain 2 Software Guard Extensions, Scone 2024-02-28 N/A 5.5 MEDIUM
An issue was discovered in SCONE Confidential Computing Platform before 5.8.0 for Intel SGX. Lack of pointer-alignment logic in __scone_dispatch and other entry functions allows a local attacker to access unauthorized information, aka an "AEPIC Leak."
CVE-2022-46487 1 Scontain 1 Scone 2024-02-28 N/A 7.8 HIGH
Improper initialization of x87 and SSE floating-point configuration registers in the __scone_entry component of SCONE before 5.8.0 for Intel SGX allows a local attacker to compromise the execution integrity of floating-point operations in an enclave or access sensitive information via side-channel analysis.
CVE-2022-46486 1 Scontain 1 Scone 2024-02-28 N/A 5.5 MEDIUM
A lack of pointer-validation logic in the __scone_dispatch component of SCONE before v5.8.0 for Intel SGX allows attackers to access sensitive information.