Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2021-25296 — Nagios Nagios_xi: XI version xi-5.7.5 is affected by OS command injection.
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server. CVSSv3.1 8.8 (HIGH) · EPSS 99th percentile
CVE-2020-15798 — Siemens Simatic_hmi_comfort_panels_firmware: This could allow a remote attacker to gain full access to the device.
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All versions < V16 Update 3a), SIMATIC HMI KTP Mobile Panels (All versions < V16 Update 3a), SINAMICS GH150 (All versions), SINAMICS GL150 (with option X30) (All versions), SINAMICS GM150 (with option X30) (All versions), SINAMICS SH150 (All versions), SINAMICS SL150 (All versions), SINAMICS SM120 (All versions), SINAMICS SM150 (All versions), SINAMICS SM150i (All versions). Affected de CVSSv3.1 9.8 (CRITICAL) · EPSS 82th percentile
CVE-2020-8554 — Kubernetes Kubernetes: API server in all versions allow an attacker who is able to create
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect. CVSSv3.1 6.3 (MEDIUM) · EPSS 96th percentile
CVE-2021-25323 — Misp-project Misp: The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to
The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to provide the previous password when changing a password. CVSSv3.1 9.1 (CRITICAL)
CVE-2020-23630 — Zzcms Zzcms: A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection).
A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection). CVSSv3.1 8.8 (HIGH) · EPSS 66th percentile
CVE-2020-36183 — Fasterxml Jackson-databind: 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool. CVSSv3.1 8.1 (HIGH) · EPSS 84th percentile
CVE-2020-27285 — Redlion Crimson: The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user
The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be able to read and modify the database without authentication. CVSSv3.1 9.1 (CRITICAL) · EPSS 40th percentile
CVE-2020-35728 — Fasterxml Jackson-databind: 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl). CVSSv3.1 8.1 (HIGH) · EPSS 97th percentile
CVE-2020-29189 — Terra-master Tos: Incorrect Access Control vulnerability in TerraMaster TOS <= 4.2.06 allows remote authenticated attackers to
Incorrect Access Control vulnerability in TerraMaster TOS <= 4.2.06 allows remote authenticated attackers to bypass read-only restriction and obtain full access to any folder within the NAS CVSSv3.1 8.1 (HIGH) · EPSS 66th percentile
CVE-2020-35276 — Egavilanmedia Ecm_address_book: ECM Address Book 1.0 is affected by SQL injection.
EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user. CVSSv3.1 9.8 (CRITICAL) · EPSS 75th percentile
CVE-2020-35273 — Egavilanmedia User_registration_\&_login_system_with_admin_panel: User Registration & Login System with Admin Panel 1.0 is affected by Cross
EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery (CSRF) to remotely gain privileges in the User Profile panel. An attacker can update any user's account. CVSSv3.1 8.0 (HIGH) · EPSS 44th percentile
CVE-2020-28860 — Openasset Digital_asset_management: OpenAssetDigital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input, incorporating
OpenAssetDigital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input, incorporating it into its SQL queries, allowing for authenticated blind SQL injection. CVSSv3.1 8.8 (HIGH) · EPSS 80th percentile
CVE-2020-28858 — Openasset Digital_asset_management: Digital Asset Management (DAM) through 12.0.19 does not correctly verify whether a request
OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly verify whether a request made to the application was intentionally made by the user, allowing for cross-site request forgery attacks on all user functions. CVSSv3.1 8.8 (HIGH) · EPSS 60th percentile
CVE-2017-15685 — Craftercms Crafter_cms: Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE).
Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band. CVSSv3.1 8.6 (HIGH) · EPSS 74th percentile
CVE-2017-15683 — Craftercms Crafter_cms: In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band. CVSSv3.1 8.6 (HIGH) · EPSS 72th percentile
CVE-2017-15681 — Craftercms Crafter_cms: In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists which allows unauthenticated
In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists which allows unauthenticated attackers to overwrite files from the operating system which can lead to RCE. CVSSv3.1 9.8 (CRITICAL) · EPSS 79th percentile
CVE-2020-29006 — Misp-project Misp: before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php and app/Model/GalaxyElement.php.
MISP before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php and app/Model/GalaxyElement.php. CVSSv3.1 9.8 (CRITICAL) · EPSS 65th percentile
impacket 0.9.22
Impacket 0.9.22 released with significant offensive capabilities including RPC over HTTP v2 protocol support, MS-NSPI/MS-OXNSPI implementations, and enhanced NTLM relay tooling. Key additions include Zerologon DCSync relay client, WCFRelayServer, RPC relay support in ntlmrelayx.py, and new tools (exchanger.py, rpcmap.py) for Exchange and RPC interface enumeration.
CVE-2020-7564 — Schneider-electric Modicon_tsxety4103_firmware: A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write access and the execution of commands when uploading a specially crafted file on the controller over FTP. CVSSv3.1 8.8 (HIGH) · EPSS 79th percentile
CVE-2020-7563 — Schneider-electric Modicon_tsxety4103_firmware: A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon
A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP. CVSSv3.1 8.8 (HIGH) · EPSS 78th percentile
CVE-2020-7562 — Schneider-electric Modicon_tsxety4103_firmware: A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon
A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file on the controller over FTP. CVSSv3.1 8.1 (HIGH) · EPSS 67th percentile
CVE-2020-28271 — Sharpred Deephas: Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a
Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution. CVSSv3.1 9.8 (CRITICAL) · EPSS 86th percentile
CVE-2020-24881 — Enhancesoft Osticket: SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to
SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning. CVSSv3.1 9.8 (CRITICAL) · EPSS 99th percentile
CVE-2020-25466 — Crmeb Crmeb: A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely
A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server and remotely execute arbitrary code. CVSSv3.1 9.8 (CRITICAL) · EPSS 86th percentile
CVE-2020-26867 — Arcinformatique Pcvue: ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of
ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server. CVSSv3.1 9.8 (CRITICAL) · EPSS 88th percentile