Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2018-1273 — Broadcom Spring_data_commons: An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack. CVSSv3.1 9.8 (CRITICAL) · EPSS 100th percentile
CVE-2018-7195 — Enhancesoft Osticket: before 1.10.2 allows remote attackers to reset arbitrary passwords (when an associated
Enhancesoft osTicket before 1.10.2 allows remote attackers to reset arbitrary passwords (when an associated e-mail address is known) by leveraging guest access and guessing a 6-digit number. CVSSv3.1 8.1 (HIGH) · EPSS 59th percentile
CVE-2017-5754 — Intel Atom_c: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. CVSSv3.1 5.6 (MEDIUM) · EPSS 100th percentile
CVE-2017-5753 — Intel Atom_c: Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. CVSSv3.1 5.6 (MEDIUM) · EPSS 100th percentile
CVE-2017-8046 — Vmware Spring_boot: Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9
Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code. CVSSv3.1 9.8 (CRITICAL) · EPSS 99th percentile
CVE-2017-16715 — Moxa Nport_5110_firmware: An attacker may be able to exploit a flaw in the handling of Ethernet
An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exploit a flaw in the handling of Ethernet frame padding that may allow for information exposure. CVSSv3.1 8.6 (HIGH) · EPSS 48th percentile
CVE-2017-12350 — Cisco Umbrella_virtual_appliance: A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an
A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected virtual appliance with root privileges. The vulnerability is due to the presence of default, static user credentials for an affected virtual appliance. An attacker could exploit this vulnerability by using the hypervisor console to connect locally to an affected system and then using the static credentials to log in to an affect CVSSv3.1 8.2 (HIGH) · EPSS 27th percentile
CVE-2017-14032 — Arm Mbed_tls: mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured
ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected. CVSSv3.1 8.1 (HIGH) · EPSS 51th percentile
CVE-2017-11349 — Thermofisher Dt8x_firmware: dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes
dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes such as sending e-mail messages or making outbound connections to FTP servers for uploading data. CVSSv3.1 9.8 (CRITICAL) · EPSS 70th percentile
CVE-2017-11165 — Thermofisher Dt80_dex_firmware: dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information
dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration information via a direct request for the /services/getFile.cmd?userfile=config.xml URI. CVSSv3.1 9.8 (CRITICAL) · EPSS 100th percentile
CVE-2017-7903 — Rockwellautomation 1763-l16awa_series_a: A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic
A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00 and prior versions; and 1763-L16DWD, Series A and B, Version 16.00 and prior versions and Allen-Bradley MicroLogix 1400 programmable logic controllers 1766-L32AWA, Series A and CVSSv3.1 9.8 (CRITICAL) · EPSS 46th percentile
CVE-2017-7898 — Rockwellautomation 1763-l16awa_series_a: There are no penalties for repeatedly entering incorrect passwords.
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA, Series A and B, Version 16.00 and prior versions; 1763-L16BBB, Series A and B, Version 16.00 and prior versions; 1763-L16BWA, Series A and B, Version 16.00 and prior versions; and 1763-L16DWD, Series A and B, Version 16.00 and prior versions and Allen-Bradley MicroLogix 1400 programmable logic contro CVSSv3.1 9.8 (CRITICAL) · EPSS 79th percentile
CVE-2017-6034 — Schneider-electric Modbus_firmware: An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol.
An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: run, stop, upload, and download. CVSSv3.1 9.8 (CRITICAL) · EPSS 32th percentile
CVE-2017-7563 — Trustedfirmware Trusted_firmware-a: In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1
In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism. This issue occurs because of inconsistency in the number of execute-never bits (one bit versus two bits). CVSSv3.1 8.1 (HIGH) · EPSS 57th percentile
CVE-2016-9842 — Zlib Zlib: The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. CVSSv3.1 8.8 (HIGH) · EPSS 91th percentile
CVE-2016-9841 — Zlib Zlib: inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. CVSSv3.1 9.8 (CRITICAL) · EPSS 94th percentile
CVE-2016-9840 — Boost Boost: inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. CVSSv3.1 8.8 (HIGH) · EPSS 91th percentile
CVE-2017-2784 — Trustedfirmware Mbed_tls: A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an
An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to a potential remote code execution. In order to exploit this vulnerability, an attacker can act as either a client or a server on a network to deliver malicious x509 certificates to vu CVSSv3.1 8.1 (HIGH) · EPSS 72th percentile
CVE-2016-1908 — Openbsd Openssh: The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server. CVSSv3.1 9.8 (CRITICAL) · EPSS 84th percentile
CVE-2017-7575 — Schneider-electric Modicon_tm221ce16r_firmware: Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password
Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus port (502/tcp). Subsequently the application may be arbitrarily downloaded, modified, and uploaded. CVSSv3.1 9.8 (CRITICAL) · EPSS 80th percentile
CVE-2017-7574 — Schneider-electric Modicon_tm221ce16r_firmware: The Project Protection feature is used to prevent unauthorized users from opening an XML
Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML file is AES-CBC encrypted; however, the key used for encryption (SoMachineBasicSoMachineBasicSoMa) cannot be changed. After decrypting the XML file with this key, the user password ca CVSSv3.1 9.8 (CRITICAL) · EPSS 50th percentile
CVE-2015-8671 — Huawei Logcenter: V100R001C10 could allow an authenticated attacker to tamper with requests using a
Huawei LogCenter V100R001C10 could allow an authenticated attacker to tamper with requests using a tool and submit a request to the server for privilege escalation, affecting some system functions. CVSSv3.1 8.8 (HIGH)
CVE-2014-9696 — Huawei Tecal_e9000_chassis_firmware: The Hyper Module Management (HMM) software of Huawei Tecal E9000 Chassis V100R001C00SPC160 and earlier
The Hyper Module Management (HMM) software of Huawei Tecal E9000 Chassis V100R001C00SPC160 and earlier versions allows the operator to modify the user configuration of iMana through privilege escalation. CVSSv3.1 8.8 (HIGH)
CVE-2014-9695 — Huawei Tecal_e9000_chassis_firmware: The Hyper Module Management (HMM) software of Huawei Tecal E9000 Chassis V100R001C00SPC160 and earlier
The Hyper Module Management (HMM) software of Huawei Tecal E9000 Chassis V100R001C00SPC160 and earlier versions could allow a non-super-domain user who accesses HMM through SNMPv3 to perform operations on a server as a super-domain user. CVSSv3.1 8.8 (HIGH)
CVE-2014-9694 — Huawei Tecal_rh1288_v2_firmware: Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285
Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285 V2 V100R002C00SPC115 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal RH2285H V2 V100R002C00SPC111 and earlier versions, Tecal RH2268 V2 V100R002C00, Tecal RH2288 V2 V100R002C00SPC117 and earlier versions, Tecal RH2288H V2 V100R002C00SPC115 and earlier versions, Tecal RH2485 V2 V100R002C00SPC502 and earlier versions, Tecal RH5885 V2 V100R001C02SPC109 and earlier ve CVSSv3.1 8.8 (HIGH)