Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2015-8623 — Mediawiki Mediawiki: The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12 and 1.24.x before 1.24.5 does
The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12 and 1.24.x before 1.24.5 does not perform token comparison in constant time before returning, which allows remote attackers to guess the edit token and bypass CSRF protection via a timing attack, a different vulnerability than CVE-2015-8624. CVSSv3.1 8.8 (HIGH)
CVE-2015-5729 — Samsung Nt14u_firmware: The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J
The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, which makes it easier for remote attackers to obtain sensitive information or bypass authentication via a brute-force attack. CVSSv3.1 9.8 (CRITICAL)
CVE-2015-4166 — Cloudera Key_trustee_server: Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow
Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key. CVSSv3.1 9.8 (CRITICAL)
CVE-2015-0855 — Pitivi Pitivi: The _mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary
The _mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path. CVSSv3.1 9.8 (CRITICAL)
CVE-2014-8731 — Phpmemcachedadmin_project Phpmemcachedadmin: 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via vectors
PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via vectors related "serialized data and the last part of the concatenated filename," which creates a file in webroot. CVSSv3.1 9.8 (CRITICAL)
CVE-2014-7279 — Kankunit Konke_smart_plug_firmware: The Konke Smart Plug K does not require authentication for TELNET sessions, which allows
The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote attackers to obtain "equipment management authority" via TCP traffic to port 23. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-6361 — Qnap Qts: before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified
QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-6360 — Qnap Qts: before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain
QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain sensitive information via unspecified vectors. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-6359 — Qnap Qts: before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute
QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-5897 — Linux Linux_kernel: The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have
The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-5538 — Samsung Samsung_mobile: The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0)
The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-5206 — Firejail_project Firejail: before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers
Firejail before 0.9.44.4, when running on a Linux kernel before 4.8, allows context-dependent attackers to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument. CVSSv3.1 9.0 (CRITICAL)
CVE-2016-5758 — Netiq Access_manager: A cross site request forgery protection mechanism in NetIQ Access Manager 4.1 before 4.1.2
A cross site request forgery protection mechanism in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be circumvented by repeated uploads causing a high load. CVSSv3.1 8.8 (HIGH)
CVE-2016-5757 — Netiq Access_manager: iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and
iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication credentials. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-5750 — Netiq Access_manager: The certificate upload feature in iManager in NetIQ Access Manager 4.1 before 4.1.2 Hot
The certificate upload feature in iManager in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to upload JSP pages that would be executed as the iManager user, allowing code execution by logged-in remote users. CVSSv3.1 8.8 (HIGH)
CVE-2016-1597 — Netiq Access_governance_suite: A logged-in user in NetIQ Access Governance Suite 6.0 through 6.4 could escalate privileges
A logged-in user in NetIQ Access Governance Suite 6.0 through 6.4 could escalate privileges to administrator. CVSSv3.1 8.8 (HIGH)
CVE-2017-7235 — Cloudflare-scrape_project Cloudflare-scrape: An issue was discovered in cloudflare-scrape 1.6.6 through 1.7.1.
An issue was discovered in cloudflare-scrape 1.6.6 through 1.7.1. A malicious website owner could craft a page that executes arbitrary Python code against any cfscrape user who scrapes that website. This is fixed in 1.8.0. CVSSv3.1 8.8 (HIGH)
CVE-2017-6972 — Alienvault Ossim: USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulnerability than CVE-2017-6970 and CVE-2017-6971. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-3864 — Cisco Ios: A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0
A vulnerability in the DHCP client implementation of Cisco IOS (12.2, 12.4, and 15.0 through 15.6) and Cisco IOS XE (3.3 through 3.7) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a crafted DHCP packet. An attacker could exploit this vulnerability by sending crafted DHCP packets to an affected device that is configured as a DHCP client. A successful exploit could allow the attacker CVSSv3.1 8.6 (HIGH)
CVE-2017-3858 — Cisco Ios_xe: A vulnerability in the web framework of Cisco IOS XE Software could allow an
A vulnerability in the web framework of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of HTTP parameters supplied by the user. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the affected web page parameter. The user must be authenticated to access the affected paramete CVSSv3.1 8.8 (HIGH)
CVE-2017-3853 — Cisco Iox: A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment
A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device. The vulnerability is due to insufficient bounds checking in the DMo process. An attacker could exploit this vulnerability by sending crafted packets that are forwarded to the DMo process CVSSv3.1 9.8 (CRITICAL)
CVE-2017-3852 — Cisco Iox: A vulnerability in the Cisco application-hosting framework (CAF) component of the Cisco IOx application
A vulnerability in the Cisco application-hosting framework (CAF) component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input validation of user-supplied application packages. An attacker who can upload a malicious package within Cisco IOx could exploit the vulnerability to modify arbitrary files. The imp CVSSv3.1 8.1 (HIGH)
CVE-2017-7230 — Disksorter Disk_sorter: A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers
A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-7226 — Gnu Binutils: The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2line, size, and strings. It could lead to information disclosure as well. CVSSv3.1 9.1 (CRITICAL)
CVE-2017-6971 — Alienvault Ossim: USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving the PHP session ID and the NfSen PHP code, aka AlienVault ID ENG-104862. CVSSv3.1 8.8 (HIGH)