Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2017-3791 — Cisco Cisco_prime_home: A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated
A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication. An exploit could allow the attacker to perform any actions in Cisco Prime H CVSSv3.1 10.0 (CRITICAL)
CVE-2017-3790 — Cisco Expressway: A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence
A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient size validation of user-supplied data. An attacker could exploit this vulnerability by sending crafted H.224 data in Real-Time Transport Protocol (RTP) packets i CVSSv3.1 8.6 (HIGH)
CVE-2016-9225 — Cisco Asa_cx_context-aware_security_software: A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security
A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending crafted fragmented IP traffic across the CX module. An exploit co CVSSv3.1 8.6 (HIGH)
CVE-2016-8491 — Fortinet Fortiwlc: The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to
The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell. CVSSv3.1 9.1 (CRITICAL)
CVE-2016-10164 — X.org Libxpm: Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow. CVSSv3.1 9.8 (CRITICAL)
CVE-2017-3823 — Cisco Activetouch_general_plugin_container: A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker
An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privil CVSSv3.1 8.8 (HIGH)
CVE-2016-9420 — Mybb Merge_system: (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers
MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers to have unspecified impact via vectors related to "loose comparison false positives." CVSSv3.1 9.8 (CRITICAL)
CVE-2016-9416 — Mybb Merge_system: SQL injection vulnerability in the users data handler in MyBB (aka MyBulletinBoard) before 1.8.8
SQL injection vulnerability in the users data handler in MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-9412 — Mybb Merge_system: (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to
MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to have unspecified impact via vectors related to low adminsid and sid entropy. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-9403 — Mybb Merge_system: newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows
newreply.php in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allows remote attackers to have unspecified impact by leveraging a missing permission check. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-9402 — Mybb Merge_system: SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and
SQL injection vulnerability in the moderation tool in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors. CVSSv3.1 9.8 (CRITICAL)
CVE-2015-8974 — Mybb Merge_system: SQL injection vulnerability in the Group Promotions module in the admin control panel in
SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CVSSv3.1 10.0 (CRITICAL)
CVE-2015-8973 — Mybb Merge_system: xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge
xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to the forum password. CVSSv3.1 8.3 (HIGH)
CVE-2016-6621 — Phpmyadmin Phpmyadmin: The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6
The setup script for phpMyAdmin before 4.0.10.19, 4.4.x before 4.4.15.10, and 4.6.x before 4.6.6 allows remote attackers to conduct server-side request forgery (SSRF) attacks via unspecified vectors. CVSSv3.1 8.6 (HIGH)
CVE-2016-10043 — Mrf Web_panel: The MSM_MACRO_NAME POST parameter in /swms/ms.cgi was discovered to be vulnerable to OS command
An issue was discovered in Radisys MRF Web Panel (SWMS) 9.0.1. The MSM_MACRO_NAME POST parameter in /swms/ms.cgi was discovered to be vulnerable to OS command injection attacks. It is possible to use the pipe character (|) to inject arbitrary OS commands and retrieve the output in the application's responses. Attackers could execute unauthorized commands, which could then be used to disable the software, or read, write, and modify data for which the attacker does not have per CVSSv3.1 10.0 (CRITICAL)
CVE-2016-9132 — Botan_project Botan: In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur
In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-6604 — Samsung Exynos_fimg2d: NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows
NULL pointer dereference in Samsung Exynos fimg2d driver for Android L(5.0/5.1) and M(6.0) allows attackers to have unspecified impact via unknown vectors. The Samsung ID is SVE-2016-6382. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-6270 — Trendmicro Virtual_mobile_infrastructure: The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile Infrastructure before
The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in Trend Micro Virtual Mobile Infrastructure before 5.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the password to api/v1/cfg/oauth/save_identify_pfx/. CVSSv3.1 8.8 (HIGH)
CVE-2016-6269 — Trendmicro Smart_protection_server: Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200
Multiple directory traversal vulnerabilities in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allow remote attackers to read and delete arbitrary files via the tmpfname parameter to (1) log_mgt_adhocquery_ajaxhandler.php, (2) log_mgt_ajaxhandler.php, (3) log_mgt_ajaxhandler.php or (4) tf parameter to wcs_bwlists_handler.php. CVSSv3.1 9.1 (CRITICAL)
CVE-2016-6267 — Trendmicro Smart_protection_server: SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build
SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) spare_Community, (2) spare_AllowGroupIP, or (3) spare_AllowGroupNetmask parameter to admin_notification.php. CVSSv3.1 8.8 (HIGH)
CVE-2016-6266 — Trendmicro Smart_protection_server: ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build
ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) host or (2) apikey parameter in a register action, (3) enable parameter in a save_stting action, or (4) host or (5) apikey parameter in a test_connection action. CVSSv3.1 8.8 (HIGH)
CVE-2015-2181 — Roundcube Webmail: Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before
Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before 1.1.0 allow remote attackers to have unspecified impact via the (1) password or (2) username. CVSSv3.1 8.8 (HIGH)
CVE-2015-2180 — Roundcube Webmail: The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers
The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password. CVSSv3.1 8.8 (HIGH)
CVE-2017-5611 — Wordpress Wordpress: SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers
SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name. CVSSv3.1 9.8 (CRITICAL)
CVE-2016-10182 — Dlink Dwr-932b_firmware: qmiweb allows command injection with ` characters.
An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with ` characters. CVSSv3.1 9.8 (CRITICAL)