Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2016-7781 — Exponentcms Exponent_cms: SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers
SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the author parameter. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-7780 — Exponentcms Exponent_cms: SQL injection vulnerability in cron/find_help.php in Exponent CMS 2.3.9 and earlier allows remote attackers
SQL injection vulnerability in cron/find_help.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-3159 — Apache Camel: Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability.
Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-7145 — Nefarious2_project Nefarious2: The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints
The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-6411 — Dlink Dsl-2730u_firmware: Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers
Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers to change the DNS or firewall configuration or any password. CVSSv3.1 8.8 (HIGH)
CVE-2017-5633 — D-link Di-524_firmware: Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware
Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs. CVSSv3.1 8.0 (HIGH)
CVE-2017-6416 — Flexense Sysgauge: A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution.
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-6351 — Wepresent Wipg-1500_firmware: The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account. This account is not documented, nor is the DEBUG feature or the use of telnetd on port tcp/5885. CVSSv3.1 8.1 (HIGH)
CVE-2017-6445 — Openelec Openelec: The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3, 7.0.1, and 8.0.4
The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3, 7.0.1, and 8.0.4 uses neither encrypted connections nor signed updates. A man-in-the-middle attacker could manipulate the update packages to gain root access remotely. CVSSv3.1 8.1 (HIGH)
CVE-2016-7408 — Dropbear_ssh_project Dropbear_ssh: The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code
The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via a crafted (1) -m or (2) -c argument. CVSSv3.1 8.8 (HIGH)
CVE-2016-7407 — Dropbear_ssh_project Dropbear_ssh: The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code
The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-7406 — Dropbear_ssh_project Dropbear_ssh: Format string vulnerability in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary
Format string vulnerability in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) host argument. CVSSv3.1 9.8 (CRITICAL)
CVE-2015-8814 — Umbraco Umbraco: before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site
Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file. CVSSv3.1 8.8 (HIGH)
CVE-2015-8813 — Umbraco Umbraco: The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct
The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks via the url parameter. CVSSv3.1 8.2 (HIGH)
CVE-2017-5830 — Revive-adserver Revive_adserver: Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data
Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-2290 — Puppet Mcollective-puppet-agent: On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create
On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non-administrator user can create an executable that will be executed with administrator privileges on the next "mco puppet" run. Puppet Enterprise users are not affected. This is resolved in mcollective-puppet-agent 1.12.1. CVSSv3.1 8.8 (HIGH)
CVE-2016-10206 — Zoneminder Zoneminder: Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to
Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that change passwords and possibly have unspecified other impact as demonstrated by a crafted user action request to index.php. CVSSv3.1 8.8 (HIGH)
CVE-2016-10204 — Zoneminder Zoneminder: SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary
SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-10194 — Festivaltts4r_project Festivaltts4r: The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell
The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the (1) to_speech or (2) to_mp3 method in lib/festivaltts4r/festival4r.rb. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-10193 — Espeak-ruby_project Espeak-ruby: The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to execute arbitrary commands
The espeak-ruby gem before 1.0.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the speak, save, bytes or bytes_wav method in lib/espeak/speech.rb. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-10127 — Pysaml2_project Pysaml2: allows remote attackers to conduct XML external entity (XXE) attacks via a crafted
PySAML2 allows remote attackers to conduct XML external entity (XXE) attacks via a crafted SAML XML request or response. CVSSv3.1 9.0 (CRITICAL)
CVE-2017-6413 — Openidc Mod_auth_openidc: The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.6 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "AuthType oauth20" configuration, which allows remote attackers to bypass authentication via crafted HTTP traffic. CVSSv3.1 8.6 (HIGH)
CVE-2017-6409 — Veritas Netbackup: Unauthenticated CORBA interfaces permit inappropriate access.
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier. Unauthenticated CORBA interfaces permit inappropriate access. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-6407 — Veritas Netbackup: An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2.
An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Privileged remote command execution on NetBackup Server and Client (on the server or a connected client) can occur. CVSSv3.1 8.8 (HIGH)
CVE-2017-6406 — Veritas Access: An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2.
An issue was discovered in Veritas NetBackup Before 7.7.2 and NetBackup Appliance Before 2.7.2. Arbitrary privileged command execution, using whitelist directory escape with "../" substrings, can occur. CVSSv3.1 8.8 (HIGH)