Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2016-5100 — Froxlor Froxlor: before 0.9.35 uses the PHP rand function for random number generation, which makes
Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-3616 — Libjpeg-turbo Libjpeg-turbo: The cjpeg utility in libjpeg allows remote attackers to cause a denial of service
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file. CVSSv3.1 8.8 (HIGH)
CVE-2016-2788 — Puppet Marionette_collective: MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers
MCollective 2.7.0 and 2.8.x before 2.8.9, as used in Puppet Enterprise, allows remote attackers to execute arbitrary code via vectors related to the mco ping command. CVSSv3.1 9.8 (CRITICAL)
CVE-2015-8771 — Gosa_project Gosa_plugin: The generate_smb_nt_hash function in include/functions.inc in GOsa allows remote attackers to execute arbitrary commands
The generate_smb_nt_hash function in include/functions.inc in GOsa allows remote attackers to execute arbitrary commands via a crafted password. CVSSv3.1 9.8 (CRITICAL)
CVE-2015-8768 — Click_project Click: click/install.py in click does not require files in package filesystem tarballs to start with
click/install.py in click does not require files in package filesystem tarballs to start with ./ (dot slash), which allows remote attackers to install an alternate security policy and gain privileges via a crafted package, as demonstrated by the test.mmrow app for Ubuntu phone. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-6210 — Openbsd Openssh: sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided. CVSSv3.1 5.9 (MEDIUM) · EPSS 100th percentile
CVE-2017-5954 — Serialize-to-js_project Serialize-to-js: Untrusted data passed into the deserialize() function can be exploited to achieve arbitrary code
An issue was discovered in the serialize-to-js package 0.5.0 for Node.js. Untrusted data passed into the deserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE). CVSSv3.1 9.8 (CRITICAL)
CVE-2017-5953 — Vim Vim: before patch 8.0.0322 does not properly validate values for tree length when handling
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-5941 — Node-serialize_project Node-serialize: Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code
An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE). CVSSv3.1 9.8 (CRITICAL)
CVE-2017-5940 — Firejail_project Firejail: before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile
Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address dotfile cases during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-5180. CVSSv3.1 8.8 (HIGH)
CVE-2017-5180 — Firejail_project Firejail: before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority
Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option. CVSSv3.1 8.8 (HIGH)
CVE-2017-3807 — Cisco Adaptive_security_appliance_software: A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality
A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potent CVSSv3.1 8.8 (HIGH)
CVE-2016-6171 — Knot-dns Knot_dns: Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service
Knot DNS before 2.3.0 allows remote DNS servers to cause a denial of service (memory exhaustion and slave server crash) via a large zone transfer for (1) DDNS, (2) AXFR, or (3) IXFR. CVSSv3.1 8.6 (HIGH)
CVE-2016-5727 — Simplemachines Simple_machines_forum: LogInOut.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object
LogInOut.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via vectors related to variables derived from user input in a foreach loop. CVSSv3.1 8.8 (HIGH)
CVE-2016-5726 — Simplemachines Simple_machines_forum: Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object
Packages.php in Simple Machines Forum (SMF) 2.1 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the themechanges array parameter. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-2148 — Busybox Busybox: Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote
Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involving OPTION_6RD parsing. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-10192 — Ffmpeg Ffmpeg: Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before
Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-10191 — Ffmpeg Ffmpeg: Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-10190 — Ffmpeg Ffmpeg: Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before
Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response. CVSSv3.1 9.8 (CRITICAL)
CVE-2015-8832 — Dotclear Dotclear: Multiple incomplete blacklist vulnerabilities in inc/core/class.dc.core.php in Dotclear before 2.8.2 allow remote authenticated users
Multiple incomplete blacklist vulnerabilities in inc/core/class.dc.core.php in Dotclear before 2.8.2 allow remote authenticated users with "manage their own media items" and "manage their own entries and comments" permissions to execute arbitrary PHP code by uploading a file with a (1) .pht, (2) .phps, or (3) .phtml extension. CVSSv3.1 8.8 (HIGH)
CVE-2015-6024 — Netcommwireless Hspa_3g10wve_firmware: ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated
ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS parameter. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-9005 — Ibm System_storage_ts3100-ts3200_tape_library: System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to
IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the company network, to change a user's password and gain remote access to the system. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-8954 — Ibm Dashdb_local: dashDB Local uses hard-coded credentials that could allow a remote attacker to gain
IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-2765 — Emc Isilon_insightiq: Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is
EMC Isilon InsightIQ 4.1.0, 4.0.1, 4.0.0, 3.2.2, 3.2.1, 3.2.0, 3.1.1, 3.1.0, 3.0.1, 3.0.0 is affected by an authentication bypass vulnerability that could potentially be exploited by attackers to compromise the affected system. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-8418 — Google Android: A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote
A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Product: Android. Versions: N/A. Android ID: A-32652894. References: QC-CR#1077457. CVSSv3.1 9.8 (CRITICAL)