شبکه اطلاع رسانی امنيت اطلاعات New Page 1


ساير

 

 

 


 

SAKHA RAVESH CO.

 ا مروز

 پنجشنبه  3  اسفند  1396  2018  Feb.  22   Thursday ToDay
صفحه اصلی  مقالات نکته هادايره المعارف خودآموزها | تازه ها خود آزمون ها   

امروزه امنيت اطلاعات در سيستم های کامپيوتری به عنوان يکی از مسائل مهم مطرح و می بايست به مقوله امنيت اطلاعات نه بعنوان يک محصول بلکه به عنوان يک فرآيند نگاه گردد.بدون شک اطلاع رسانی در رابطه با تهديدات ، حملات  و نحوه برخورد با آنان ، دارای  جايگاهی خاص در فرآيند ايمن سازی اطلاعات بوده و لازم است همواره نسبت به آخرين اطلاعات موجود در اين زمينه خود را بهنگام نمائيم .بدين دليل و با توجه به اهميت اطلاع رسانی در اين زمينه ، بخش فوق راه اندازی گرديده است .با استفاده از امکانات موجود در اين بخش می توان  نسبت به آخرين اخبار در ارتباط با امنيت اطلاعات ، هشدارهای امنيتی ، ابزارهای برخورد با حملات و تهديدات امنيتی آشنا گرديد .اطلاعات موجود در اين بخش بصورت کاملا" پويا و متاثر از سايت های اطلاع رسانی ديگر در رابطه با امنيت اطلاعات اخذ و بر روی سايت منتشر می گردد.

شبکه اطلاع رسانی امنيت اطلاعات

اخبار امنيتی

foreground (text) color; default is blackbackground color; default is whitecolor for non-highlighted links; default is bluecolor for highlighted links; default is redscroll speed (in ms): larger is slower; default is 40time (in ms) to wait on paused lines; default is 2000stop scrolling when mouse is over applet? default is YESdisplay initial "wait" message? default is to displayfont to use for text display; default is Helveticafont size to use for text display; default is 10size of horizontal padding area around text; default is 5size of vertical padding area around text; default is 5

آخرين اخبار Symantec

 

US-CERT Alerts
  • Thu, 04 Jan 2018 18:47:21 +0000 Original release date: January 04, 2018 | Last revised: February 10, 2018<br /> <h3>Systems Affected</h3> <p>CPU hardware implementations</p> <h3>Overview</h3> <p>On January 3, 2018, the National Cybersecurity and Communications Integration Center (NCCIC) became aware of a set of security vulnerabilities—known as <a href="https://meltdownattack.com/">Meltdown</a> and <a href="https://spectreattack.com/">Spectre</a>—that affect modern computer processors. These vulnerabilities can be exploited to steal sensitive data present in a computer systems' memory.</p> <h3>Description</h3> <p>CPU hardware implementations are vulnerable to side-channel attacks, referred to as Meltdown and Spectre. Meltdown is a bug that "melts" the security boundaries normally enforced by the hardware, affecting desktops, laptops, and cloud computers. Spectre is a flaw an attacker can exploit to force a program to reveal its data. The name derives from "speculative execution"—an optimization method a computer system performs to check whether it will work to prevent a delay when actually executed. Spectre affects almost all devices including desktops, laptops, cloud servers, and smartphones.</p><p>More details of these attacks can be found here:</p><ul><li>Common Vulnerability and Exposure (CVE):<ul><li>Rogue Data Cache Load: <a href="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5754">CVE-2017-5754</a> (Meltdown) <a href="https://nvd.nist.gov/vuln/detail/CVE-2017-5754">https://nvd.nist.gov/vuln/detail/CVE-2017-5754</a></li><li>Bounds Check Bypass: <a href="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5753">CVE-2017-5753</a> (Spectre) <a href="https://nvd.nist.gov/vuln/detail/CVE-2017-5753">https://nvd.nist.gov/vuln/detail/CVE-2017-5753</a></li><li>Branch Target Injection: <a href="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715">CVE-2017-5715</a> (Spectre) <a href="https://nvd.nist.gov/vuln/detail/CVE-2017-5715">https://nvd.nist.gov/vuln/detail/CVE-2017-5715</a></li></ul></li><li>CERT/CC’s Vulnerability Note <a href="https://www.kb.cert.org/vuls/id/584653">VU#584653</a></li></ul> <h3>Impact</h3> <p>An attacker can gain access to the system by establishing command and control presence on a machine via malicious Javascript, malvertising, or phishing. Once successful, the attacker could escalate privileges to exploit Meltdown and Spectre vulnerabilities, revealing sensitive information from a computer’s kernel memory, including keystrokes, passwords, encryption keys, and other valuable information.</p> <h3>Solution</h3> <p><strong>Mitigation</strong></p><p>NCCIC encourages users and administrators to refer to their hardware and software vendors for the most recent information. In the case of Spectre, the vulnerability exists in CPU architecture rather than in software, and is not easily patched; however, this vulnerability is more difficult to exploit. </p><p>After patching, performance impacts may vary, depending on use cases. NCCIC recommends administrators ensure that performance is monitored for critical applications and services, and work with their vendor(s) and service provider(s) to mitigate the effect, if possible.</p><p>Additionally, NCCIC recommends users and administrators who rely on cloud infrastructure work with their CSP to mitigate and resolve any impacts resulting from host OS patching and mandatory rebooting.</p><p>For machines running Windows Server, a number of registry changes must be completed in addition to installation of the patches.  NCCIC recommends verifying your Windows Server version before downloading applicable patches and performing registry edits.  A list of registry changes can be found here: <a href="https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution">https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution</a></p><p><strong>Antivirus</strong></p><p>Typical antivirus programs are built on a signature management system, and may not be able to detect the vulnerabilities. NCCIC recommends checking with your antivirus vendor to confirm compatibility with Meltdown and Spectre patches. Microsoft recommends third-party antivirus vendors add a change to the registry key of the machine running the antivirus software. Without it, that machine will not receive any of the following fixes from Microsoft:</p><ul><li>Windows Update</li><li>Windows Server Update Services</li><li>System Center Configuration Manager </li></ul><p>More information can be found here: <a href="https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software">https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software</a>.</p><p><strong>Vendor Links</strong></p><p>The following table contains links to advisories and patches published in response to the vulnerabilities. This table will be updated as information becomes available.</p><p>Note: NCCIC strongly recommends:</p><ul><li>downloading any patches or microcode directly from your vendor's website</li><li>using a test environment to verify each patch before implmenting</li></ul><table border="1" cellpadding="1" cellspacing="1" class="general-table" style="width: 400px; height: 312px;"><thead><tr><th scope="col"><strong>Link to Vendor Information</strong></th><th scope="col"><strong>Date Added</strong></th></tr><tr><td scope="col" style="text-align: left;"><a href="https://aws.amazon.com/security/security-bulletins/AWS-2018-013/">Amazon</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://www.amd.com/en/corporate/speculative-execution">AMD</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://source.android.com/security/bulletin/2018-01-01">Android</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://support.apple.com/en-us/HT208394">Apple</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://developer.arm.com/support/security-update">ARM</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://lists.centos.org/pipermail/centos-announce/2018-January/date.html">CentOS</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://www.chromium.org/Home/chromium-security/ssca">Chromium</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel ">Cisco</a></td><td scope="col" style="text-align: left;">January 10, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://support.citrix.com/article/CTX231390">Citrix</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://security-tracker.debian.org/tracker/CVE-2017-5754">Debian</a></td><td scope="col" style="text-align: left;">January 5, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="http://lists.dragonflybsd.org/pipermail/users/2018-January/313758.html">DragonflyBSD</a></td><td scope="col" style="text-align: left;">January 8, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://support.f5.com/csp/article/K91229003">F5</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://fedoramagazine.org/protect-fedora-system-meltdown">Fedora Project</a></td><td scope="col" style="text-align: left;">January 5, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://fortiguard.com/psirt/FG-IR-18-002">Fortinet</a></td><td scope="col" style="text-align: left;">January 5, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="http://support.hp.com/document/c05869091">HP</a></td><td scope="col" style="text-align: left;">January 19, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html">Google</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="http://www.huawei.com/en/psirt/security-notices/huawei-sn-20180104-01-intel-en">Huawei</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://securityintelligence.com/cpu-vulnerability-can-allow-attackers-to-read-privileged-kernel-memory-and-leak-data/">IBM</a></td><td scope="col" style="text-align: left;">January 5, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&amp;languageid=en-fr">Intel</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://kb.juniper.net/InfoCenter/index?page=content&amp;id=JSA10842&amp;cat=SIRT_1&amp;actp=LIST">Juniper</a></td><td scope="col" style="text-align: left;">January 8, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://support.lenovo.com/us/en/solutions/len-18282">Lenovo</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://lkml.org/lkml/2017/12/4/709">Linux</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="http://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20180101/513630.html">LLVM: variant #2</a></td><td scope="col" style="text-align: left;">January 8, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://reviews.llvm.org/D41760 %3chttps:/reviews.llvm.org/D41760%3e">LLVM: builtin_load_no_speculate</a></td><td scope="col" style="text-align: left;">January 8, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://reviews.llvm.org/D41761">LLVM: llvm.nospeculatedload</a></td><td scope="col" style="text-align: left;">January 8, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://azure.microsoft.com/en-us/blog/securing-azure-customers-from-cpu-vulnerability/">Microsoft Azure</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002">Microsoft</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack">Mozilla</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://security.netapp.com/advisory/ntap-20180104-0001/">NetApp</a></td><td scope="col" style="text-align: left;">January 8, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="http://info.nutanix.com/TA5G00u0C000PVD00O0A8Q0">Nutanix</a></td><td scope="col" style="text-align: left;">January 10, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="http://nvidia.custhelp.com/app/answers/detail/a_id/4609">NVIDIA</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00001.html">OpenSuSE</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html">Oracle</a></td><td scope="col" style="text-align: left;">January 17, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://www.qubes-os.org/news/2018/01/04/xsa-254-meltdown-spectre/">Qubes</a></td><td scope="col" style="text-align: left;">January 8, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://access.redhat.com/security/security-updates/#/security-advisories?q=&amp;p=1&amp;sort=portal_publication_date%20desc&amp;rows=10&amp;documentKind=PortalProduct">Red Hat</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="http://lists.suse.com/pipermail/sle-security-updates/2018-January/date.html">SuSE</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://www.synology.com/en-us/support/security/Synology_SA_18_01">Synology</a></td><td scope="col" style="text-align: left;">January 8, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://success.trendmicro.com/solution/1119183-important-information-for-trend-micro-solutions-and-microsoft-january-2018-security-updates">Trend Micro</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown">Ubuntu</a></td><td scope="col" style="text-align: left;">January 17, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="https://www.vmware.com/security/advisories/VMSA-2018-0007.html">VMware</a></td><td scope="col" style="text-align: left;">January 10, 2018</td></tr><tr><td scope="col" style="text-align: left;"><a href="http://xenbits.xen.org/xsa/advisory-254.html">Xen</a></td><td scope="col" style="text-align: left;">January 4, 2018</td></tr></thead></table><p> </p> <h3>References</h3> <ul> <li><a href="https://meltdownattack.com/">Graz University of Technology Meltdown website</a></li> <li><a href="https://spectreattack.com/">Graz University of Technology Spectre website</a></li> <li><a href="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5754">Rogue Data Cache Load: CVE-2017-5754</a></li> <li><a href="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5753">Bounds Check Bypass: CVE-2017-5753</a></li> <li><a href="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715">Branch Target Injection: CVE-2017-5715</a></li> <li><a href="https://www.kb.cert.org/vuls/id/584653">CERT/CC’s Vulnerability Note VU#584653</a></li> </ul> <h3>Revision History</h3> <ul> <li>January 4, 2018: Initial version</li> <li>January 5, 2018: Updated vendor information links for Citrix, Mozilla, and IBM in the table and added links to Debian, Fedora Project, and Fortinet</li> <li>January 8, 2018: Added links to DragonflyBSD, Juniper, LLVM, NetApp, Qubes, and Synology</li> <li>January 9, 2018: Updated Solution Section</li> <li>January 10, 2018: Added links to Cisco and Nutanix</li> <li>January 17, 2018: Added note to Mitigation section and links to Oracle and Ubuntu</li> <li>January 18, 2018: Updated Description, Impact, and Solution Sections, and added an additional link</li> <li>January 19, 2018: Added link to HP</li> <li>January 31, 2018: Provided additional links and updated Description and Mitigation sections</li> </ul> <hr /> <p>This product is provided subject to this <a href="http://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="http://www.us-cert.gov/privacy/">Privacy &amp; Use</a> policy.</p> <br />
    TA18-004A: Meltdown and Spectre Side-Channel Vulnerability Guidance
  • Tue, 14 Nov 2017 19:00:38 +0000 Original release date: November 14, 2017 | Last revised: November 22, 2017<br /> <h3>Systems Affected</h3> <p>Network systems</p> <h3>Overview</h3> <p>This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with a Trojan malware variant used by the North Korean government—commonly known as Volgmer. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit <a href="https://www.us-cert.gov/hiddencobra">https://www.us-cert.gov/hiddencobra</a>.</p><p>FBI has high confidence that HIDDEN COBRA actors are using the IP addresses—listed in this report’s IOC files—to maintain a presence on victims’ networks and to further network exploitation. DHS and FBI are distributing these IP addresses to enable network defense and reduce exposure to North Korean government malicious cyber activity.</p><p>This alert includes IOCs related to HIDDEN COBRA, IP addresses linked to systems infected with Volgmer malware, malware descriptions, and associated signatures. This alert also includes suggested response actions to the IOCs provided, recommended mitigation techniques, and information on reporting incidents. If users or administrators detect activity associated with the Volgmer malware, they should immediately flag it, report it to the DHS National Cybersecurity and Communications Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch), and give it the highest priority for enhanced mitigation.</p><p>For a downloadable copy of IOCs, see:</p><ul><li>IOCs (<a href="https://www.us-cert.gov/sites/default/files/publications/TA-17-318B-IOCs.csv">.csv</a>)</li><li>IOCs (<a href="https://www.us-cert.gov/sites/default/files/publications/TA-17-318B-IOCs.xml">.stix</a>)</li></ul><p>NCCIC conducted analysis on five files associated with or identified as Volgmer malware and produced a Malware Analysis Report (MAR). MAR-10135536-D examines the tactics, techniques, and procedures observed. For a downloadable copy of the MAR, see:</p><ul><li>MAR (<a href="https://www.us-cert.gov/sites/default/files/publications/MAR-10135536-D_WHITE_S508C.PDF">.pdf</a>)</li><li>MAR IOCs (<a href="https://www.us-cert.gov/sites/default/files/publications/MAR-10135536-D_WHITE_stix.xml">.stix</a>)</li></ul> <h3>Description</h3> <p>Volgmer is a backdoor Trojan designed to provide covert access to a compromised system. Since at least 2013, HIDDEN COBRA actors have been observed using Volgmer malware in the wild to target the government, financial, automotive, and media industries.</p><p>It is suspected that spear phishing is the primary delivery mechanism for Volgmer infections; however, HIDDEN COBRA actors use a suite of custom tools, some of which could also be used to initially compromise a system. Therefore, it is possible that additional HIDDEN COBRA malware may be present on network infrastructure compromised with Volgmer</p><p>The U.S. Government has analyzed Volgmer’s infrastructure and have identified it on systems using both dynamic and static IP addresses. At least 94 static IP addresses were identified, as well as dynamic IP addresses registered across various countries. The greatest concentrations of dynamic IPs addresses are identified below by approximate percentage:</p><ul><li>India (772 IPs) 25.4 percent</li><li>Iran (373 IPs) 12.3 percent</li><li>Pakistan (343 IPs) 11.3 percent</li><li>Saudi Arabia (182 IPs) 6 percent</li><li>Taiwan (169 IPs) 5.6 percent</li><li>Thailand (140 IPs) 4.6 percent</li><li>Sri Lanka (121 IPs) 4 percent</li><li>China (82 IPs, including Hong Kong (12)) 2.7 percent</li><li>Vietnam (80 IPs) 2.6 percent</li><li>Indonesia (68 IPs) 2.2 percent</li><li>Russia (68 IPs) 2.2 percent</li></ul><h3><strong>Technical Details</strong></h3><p>As a backdoor Trojan, Volgmer has several capabilities including: gathering system information, updating service registry keys, downloading and uploading files, executing commands, terminating processes, and listing directories. In one of the samples received for analysis, the US-CERT Code Analysis Team observed botnet controller functionality.</p><p>Volgmer payloads have been observed in 32-bit form as either executables or dynamic-link library (.dll) files. The malware uses a custom binary protocol to beacon back to the command and control (C2) server, often via TCP port 8080 or 8088, with some payloads implementing Secure Socket Layer (SSL) encryption to obfuscate communications.</p><p>Malicious actors commonly maintain persistence on a victim’s system by installing the malware-as-a-service. Volgmer queries the system and randomly selects a service in which to install a copy of itself. The malware then overwrites the ServiceDLL entry in the selected service's registry entry. In some cases, HIDDEN COBRA actors give the created service a pseudo-random name that may be composed of various hardcoded words.</p><h3><strong>Detection and Response</strong></h3><p>This alert’s IOC files provide HIDDEN COBRA indicators related to Volgmer. DHS and FBI recommend that network administrators review the information provided, identify whether any of the provided IP addresses fall within their organizations’ allocated IP address space, and—if found—take necessary measures to remove the malware.</p><p>When reviewing network perimeter logs for the IP addresses, organizations may find instances of these IP addresses attempting to connect to their systems. Upon reviewing the traffic from these IP addresses, system owners may find some traffic relates to malicious activity and some traffic relates to legitimate activity.</p><h3>Network Signatures and Host-Based Rules</h3><p>This section contains network signatures and host-based rules that can be used to detect malicious activity associated with HIDDEN COBRA actors. Although created using a comprehensive vetting process, the possibility of false positives always remains. These signatures and rules should be used to supplement analysis and should not be used as a sole source of attributing this activity to HIDDEN COBRA actors.</p><h4>Network Signatures</h4><p><code>alert tcp any any -&gt; any any (msg:"Malformed_UA"; content:"User-Agent: Mozillar/"; depth:500; sid:99999999;)</code></p><p>___________________________________________________________________________________________________</p><h4>YARA Rules</h4><p><code>rule volgmer<br />{<br />meta:<br />    description = "Malformed User Agent"<br />strings:<br />    $s = "Mozillar/"<br />condition:<br />    (uint16(0) == 0x5A4D and uint16(uint32(0x3c)) == 0x4550) and $s<br />}</code></p> <h3>Impact</h3> <p>A successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include</p><ul><li>temporary or permanent loss of sensitive or proprietary information,</li><li>disruption to regular operations,</li><li>financial losses incurred to restore systems and files, and</li><li>potential harm to an organization’s reputation.</li></ul> <h3>Solution</h3> <h4><strong><em>Mitigation Strategies</em></strong></h4><p>DHS recommends that users and administrators use the following best practices as preventive measures to protect their computer networks:</p><ul><li>Use application whitelisting to help prevent malicious software and unapproved programs from running. Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.</li><li>Keep operating systems and software up-to-date with the latest patches. Vulnerable applications and operating systems are the target of most attacks. Patching with the latest updates greatly reduces the number of exploitable entry points available to an attacker.</li><li>Maintain up-to-date antivirus software, and scan all software downloaded from the Internet before executing.</li><li>Restrict users’ abilities (permissions) to install and run unwanted software applications, and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through the network.</li><li>Avoid enabling macros from email attachments. If a user opens the attachment and enables macros, embedded code will execute the malware on the machine. For enterprises or organizations, it may be best to block email messages with attachments from suspicious sources. For information on safely handling email attachments, see <a href="https://www.us-cert.gov/sites/default/files/publications/emailscams_0905.pdf">Recognizing and Avoiding Email Scams</a>. Follow safe practices when browsing the web. See <a href="https://www.us-cert.gov/ncas/tips/ST04-003">Good Security Habits</a> and <a href="https://www.us-cert.gov/ncas/tips/ST06-008">Safeguarding Your Data</a> for additional details.</li><li>Do not follow unsolicited web links in emails. See <a href="https://www.us-cert.gov/ncas/tips/ST04-014">Avoiding Social Engineering and Phishing Attacks</a> for more information.</li></ul><h4><strong><em>Response to Unauthorized Network Access</em></strong></h4><ul><li><strong>Contact DHS or your local FBI office immediately.</strong> To report an intrusion and request resources for incident response or technical assistance, contact DHS NCCIC (<a href="https://www.us-cert.govmailto:NCCICCustomerService@hq.dhs.gov">NCCICCustomerService@hq.dhs.gov</a> or 888-282-0870), FBI through a local field office, or the FBI’s Cyber Division (<a href="https://www.us-cert.govmailto:CyWatch@fbi.gov">CyWatch@fbi.gov</a> or 855-292-3937).</li></ul> <h3>References</h3> <ul> </ul> <h3>Revision History</h3> <ul> <li>November 14, 2017: Initial version</li> </ul> <hr /> <p>This product is provided subject to this <a href="http://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="http://www.us-cert.gov/privacy/">Privacy &amp; Use</a> policy.</p> <br />
    TA17-318B: HIDDEN COBRA – North Korean Trojan: Volgmer
  • Tue, 14 Nov 2017 18:09:27 +0000 Original release date: November 14, 2017 | Last revised: November 22, 2017<br /> <h3>Systems Affected</h3> <p>Network systems</p> <h3>Overview</h3> <p>This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI identified Internet Protocol (IP) addresses and other indicators of compromise (IOCs) associated with a remote administration tool (RAT) used by the North Korean government—commonly known as FALLCHILL. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information on HIDDEN COBRA activity, visit <a href="https://www.us-cert.gov/hiddencobra">https://www.us-cert.gov/hiddencobra</a>.</p><p>FBI has high confidence that HIDDEN COBRA actors are using the IP addresses—listed in this report’s IOC files—to maintain a presence on victims’ networks and to further network exploitation. DHS and FBI are distributing these IP addresses to enable network defense and reduce exposure to any North Korean government malicious cyber activity.</p><p>This alert includes IOCs related to HIDDEN COBRA, IP addresses linked to systems infected with FALLCHILL malware, malware descriptions, and associated signatures. This alert also includes suggested response actions to the IOCs provided, recommended mitigation techniques, and information on reporting incidents. If users or administrators detect activity associated with the FALLCHILL malware, they should immediately flag it, report it to the DHS National Cybersecurity and Communications Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch), and give it the highest priority for enhanced mitigation.</p><p>For a downloadable copy of IOCs, see:</p><ul><li>IOCs (<a href="https://www.us-cert.gov/sites/default/files/publications/TA-17-318A-IOCs.csv">.csv</a>)</li><li>IOCs (<a href="https://www.us-cert.gov/sites/default/files/publications/TA-17-318A-IOCs.xml">.stix</a>)</li></ul><p>NCCIC conducted analysis on two samples of FALLCHILL malware and produced a Malware Analysis Report (MAR). MAR-10135536-A examines the tactics, techniques, and procedures observed in the malware. For a downloadable copy of the MAR, see:</p><ul><li>MAR (<a href="https://www.us-cert.gov/sites/default/files/publications/MAR-10135536-A_WHITE_S508C.pdf">.pdf</a>)</li><li>MAR IOCs (<a href="https://www.us-cert.gov/sites/default/files/publications/MAR-10135536-A_WHITE_stix.xml">.stix</a>)</li></ul> <h3>Description</h3> <p>According to trusted third-party reporting, HIDDEN COBRA actors have likely been using FALLCHILL malware since 2016 to target the aerospace, telecommunications, and finance industries. The malware is a fully functional RAT with multiple commands that the actors can issue from a command and control (C2) server to a victim’s system via dual proxies. FALLCHILL typically infects a system as a file dropped by other HIDDEN COBRA malware or as a file downloaded unknowingly by users when visiting sites compromised by HIDDEN COBRA actors. HIDDEN COBRA actors use an external tool or dropper to install the FALLCHILL malware-as-a-service to establish persistence. Because of this, additional HIDDEN COBRA malware may be present on systems compromised with FALLCHILL.</p><p>During analysis of the infrastructure used by FALLCHILL malware, the U.S. Government identified 83 network nodes. Additionally, using publicly available registration information, the U.S. Government identified the countries in which the infected IP addresses are registered.</p><h3><strong>Technical Details</strong></h3><p>FALLCHILL is the primary component of a C2 infrastructure that uses multiple proxies to obfuscate network traffic between HIDDEN COBRA actors and a victim’s system. According to trusted third-party reporting, communication flows from the victim’s system to HIDDEN COBRA actors using a series of proxies as shown in figure 1.</p><p><img alt="HIDDEN COBRA Communication Flow" src="https://www.us-cert.gov/sites/default/files/publications/alert-graphic-01.png" style="width: 786px; height: 191px;" /></p><h5>Figure 1. HIDDEN COBRA Communication Flow</h5><p>FALLCHILL uses fake Transport Layer Security (TLS) communications, encoding the data with RC4 encryption with the following key: [0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82]. FALLCHILL collects basic system information and beacons the following to the C2:</p><ul><li>operating system (OS) version information,</li><li>processor information,</li><li>system name,</li><li>local IP address information,</li><li>unique generated ID, and</li><li>media access control (MAC) address.</li></ul><p>FALLCHILL contains the following built-in functions for remote operations that provide various capabilities on a victim’s system:</p><ul><li>retrieve information about all installed disks, including the disk type and the amount of free space on the disk;</li><li>create, start, and terminate a new process and its primary thread;</li><li>search, read, write, move, and execute files;</li><li>get and modify file or directory timestamps;</li><li>change the current directory for a process or file; and</li><li>delete malware and artifacts associated with the malware from the infected system.</li></ul><h3>Detection and Response</h3><p>This alert’s IOC files provide HIDDEN COBRA indicators related to FALLCHILL. DHS and FBI recommend that network administrators review the information provided, identify whether any of the provided IP addresses fall within their organizations’ allocated IP address space, and—if found—take necessary measures to remove the malware.</p><p>When reviewing network perimeter logs for the IP addresses, organizations may find instances of these IP addresses attempting to connect to their systems. Upon reviewing the traffic from these IP addresses, system owners may find some traffic relates to malicious activity and some traffic relates to legitimate activity.</p><h3>Network Signatures and Host-Based Rules</h3><p>This section contains network signatures and host-based rules that can be used to detect malicious activity associated with HIDDEN COBRA actors. Although created using a comprehensive vetting process, the possibility of false positives always remains. These signatures and rules should be used to supplement analysis and should not be used as a sole source of attributing this activity to HIDDEN COBRA actors.</p><h4>Network Signatures</h4><p><code>alert tcp any any -&gt; any any (msg:"Malicious SSL 01 Detected";content:"|17 03 01 00 08|";  pcre:"/\x17\x03\x01\x00\x08.{4}\x04\x88\x4d\x76/"; rev:1; sid:2;)</code></p><p>___________________________________________________________________________________________</p><p><code>alert tcp any any -&gt; any any (msg:"Malicious SSL 02 Detected";content:"|17 03 01 00 08|";  pcre:"/\x17\x03\x01\x00\x08.{4}\x06\x88\x4d\x76/"; rev:1; sid:3;)</code></p><p>___________________________________________________________________________________________</p><p><code>alert tcp any any -&gt; any any (msg:"Malicious SSL 03 Detected";content:"|17 03 01 00 08|";  pcre:"/\x17\x03\x01\x00\x08.{4}\xb2\x63\x70\x7b/"; rev:1; sid:4;)</code></p><p>___________________________________________________________________________________________</p><p><code>alert tcp any any -&gt; any any (msg:"Malicious SSL 04 Detected";content:"|17 03 01 00 08|";  pcre:"/\x17\x03\x01\x00\x08.{4}\xb0\x63\x70\x7b/"; rev:1; sid:5;)</code></p><div>___________________________________________________________________________________________</div><h4>YARA Rules</h4><p>The following rules were provided to NCCIC by a trusted third party for the purpose of assisting in the identification of malware associated with this alert.</p><p>THIS DHS/NCCIC MATERIAL IS FURNISHED ON AN “AS-IS” BASIS.  These rules have been tested and determined to function effectively in a lab environment, but we have no way of knowing if they may function differently in a production network.  Anyone using these rules are encouraged to test them using a data set representitive of their environment.</p><p><code>rule rc4_stack_key_fallchill<br />{<br />meta:<br />    description = "rc4_stack_key"<br />strings:<br />    $stack_key = { 0d 06 09 2a ?? ?? ?? ?? 86 48 86 f7 ?? ?? ?? ?? 0d 01 01 01 ?? ?? ?? ?? 05 00 03 82 41 8b c9 41 8b d1 49 8b 40 08 48 ff c2 88 4c 02 ff ff c1 81 f9 00 01 00 00 7c eb }<br />condition:<br />    (uint16(0) == 0x5A4D and uint16(uint32(0x3c)) == 0x4550) and $stack_key<br />}</code></p><p><code>rule success_fail_codes_fallchill</code></p><p><code>{<br />meta:<br />    description = "success_fail_codes"<br />strings:<br />    $s0 = { 68 7a 34 12 00 }  <br />    $s1 = { ba 7a 34 12 00 }  <br />    $f0 = { 68 5c 34 12 00 }  <br />    $f1 = { ba 5c 34 12 00 }<br />condition:<br />    (uint16(0) == 0x5A4D and uint16(uint32(0x3c)) == 0x4550) and (($s0 and $f0) or ($s1 and $f1))<br />}</code></p><p>___________________________________________________________________________________________</p> <h3>Impact</h3> <p>A successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include:</p><ul><li>temporary or permanent loss of sensitive or proprietary information,</li><li>disruption to regular operations,</li><li>financial losses incurred to restore systems and files, and</li><li>potential harm to an organization’s reputation.</li></ul> <h3>Solution</h3> <h4><strong><em>Mitigation Strategies</em></strong></h4><p>DHS recommends that users and administrators use the following best practices as preventive measures to protect their computer networks:</p><ul><li>Use application whitelisting to help prevent malicious software and unapproved programs from running. Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.</li><li>Keep operating systems and software up-to-date with the latest patches. Vulnerable applications and operating systems are the target of most attacks. Patching with the latest updates greatly reduces the number of exploitable entry points available to an attacker.</li><li>Maintain up-to-date antivirus software, and scan all software downloaded from the Internet before executing.</li><li>Restrict users’ abilities (permissions) to install and run unwanted software applications, and apply the principle of “least privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through the network.</li><li>Avoid enabling macros from email attachments. If a user opens the attachment and enables macros, embedded code will execute the malware on the machine. For enterprises or organizations, it may be best to block email messages with attachments from suspicious sources. For information on safely handling email attachments, see <a href="https://www.us-cert.gov/sites/default/files/publications/emailscams_0905.pdf">Recognizing and Avoiding Email Scams</a>. Follow safe practices when browsing the web. See <a href="https://www.us-cert.gov/ncas/tips/ST04-003">Good Security Habits</a> and <a href="https://www.us-cert.gov/ncas/tips/ST06-008">Safeguarding Your Data</a> for additional details.</li><li>Do not follow unsolicited web links in emails. See <a href="https://www.us-cert.gov/ncas/tips/ST04-014">Avoiding Social Engineering and Phishing Attacks</a> for more information.</li></ul><h4><strong><em>Response to Unauthorized Network Access</em></strong></h4><ul><li><strong>Contact DHS or your local FBI office immediately.</strong> To report an intrusion and request resources for incident response or technical assistance, contact DHS NCCIC (<a href="https://www.us-cert.govmailto:NCCICCustomerService@hq.dhs.gov">NCCICCustomerService@hq.dhs.gov</a> or 888-282-0870), FBI through a local field office, or the FBI’s Cyber Division (<a href="https://www.us-cert.govmailto:CyWatch@fbi.gov">CyWatch@fbi.gov</a> or 855-292-3937).</li></ul><p> </p> <h3>References</h3> <ul> </ul> <h3>Revision History</h3> <ul> <li>November 14, 2017: Initial version</li> </ul> <hr /> <p>This product is provided subject to this <a href="http://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="http://www.us-cert.gov/privacy/">Privacy &amp; Use</a> policy.</p> <br />
    TA17-318A: HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL
  • Fri, 20 Oct 2017 22:50:54 +0000 Original release date: October 20, 2017 | Last revised: October 23, 2017<br /> <h3>Systems Affected</h3> <ul><li>Domain Controllers</li><li>File Servers</li><li>Email Servers</li></ul> <h3>Overview</h3> <p>This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides information on advanced persistent threat (APT) actions targeting government entities and organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors. Working with U.S. and international partners, DHS and FBI identified victims in these sectors. This report contains indicators of compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) used by APT actors on compromised victims’ networks.</p><p>DHS assesses this activity as a multi-stage intrusion campaign by threat actors targeting low security and small networks to gain access and move laterally to networks of major, high value asset owners within the energy sector. Based on malware analysis and observed IOCs, DHS has confidence that this campaign is still ongoing, and threat actors are actively pursuing their ultimate objectives over a long-term campaign. The intent of this product is to educate network defenders and enable them to identify and reduce exposure to malicious activity.</p><p>For a downloadable copy of IOC packages and associated files, see:</p><ul><li><a href="https://www.us-cert.gov/sites/default/files/publications/TA17-293A_TLP_WHITE_CSV.csv">TA17-293A_TLP_WHITE.csv</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/TA17-293A%20_TLP_%20WHITE.xml">TA17-293A_TLP_WHITE_stix.xml</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10127623_TLP_WHITE.pdf">MIFR-10127623_TLP_WHITE.pdf</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10127623_TLP_WHITE_stix.xml">MIFR-10127623_TLP_WHITE_stix.xml</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10128327_TLP_WHITE.pdf">MIFR-10128327_TLP_WHITE.pdf</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10128327_TLP_WHITE_stix.xml">MIFR-10128327_TLP_WHITE_stix.xml</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10128336_TLP_WHITE.pdf">MIFR-10128336_TLP_WHITE.pdf</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10128336_TLP_WHITE_stix.xml">MIFR-10128336_TLP_WHITE_stix.xml</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10128830_TLP_WHITE.pdf">MIFR-10128830­_TLP_WHITE.pdf</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10128830_TLP_WHITE_stix.xml">MIFR-10128830­_TLP_WHITE_stix.xml</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10128883_TLP_WHITE.pdf">MIFR-10128883_TLP_WHITE.pdf</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10128883_TLP_WHITE_stix.xml">MIFR-10128883_TLP_WHITE_stix.xml</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10135300_TLP_WHITE.pdf">MIFR-10135300_TLP_WHITE.pdf</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10135300_TLP_WHITE_stix.xml">MIFR-10135300_TLP_WHITE_stix.xml</a></li></ul><p>Contact DHS or law enforcement immediately to report an intrusion and to request incident response resources or technical assistance.</p> <h3>Description</h3> <p>Since at least May 2017, threat actors have targeted government entities and the energy, water, aviation, nuclear, and critical manufacturing sectors, and, in some cases, have leveraged their capabilities to compromise victims’ networks. Historically, cyber threat actors have targeted the energy sector with various results, ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict. [1] Historically, threat actors have also targeted other critical infrastructure sectors with similar campaigns.</p><p>Analysis by DHS, FBI, and trusted partners has identified distinct indicators and behaviors related to this activity. Of specific note, the report Dragonfly: Western energy sector targeted by sophisticated attack group, released by Symantec on September 6, 2017, provides additional information about this ongoing campaign. <a href="https://www.symantec.com/connect/blogs/dragonfly-western-energy-sector-targeted-sophisticated-attack-group">[2]</a></p><p>This campaign comprises two distinct categories of victims: staging and intended targets. The initial victims are peripheral organizations such as trusted third party suppliers with less secure networks. The initial victims are referred to as “staging targets” throughout this alert. The threat actor uses the staging targets’ networks as pivot points and malware repositories when targeting their final intended victims. The ultimate objective of the cyber threat actors is to compromise organizational networks, which are referred throughout this alert as “intended target.”</p><h4>Technical Details</h4><p>The threat actors in this campaign employed a variety of TTPs, including:</p><ul><li>open-source reconnaissance,</li><li>spear-phishing emails (from compromised legitimate accounts),</li><li>watering-hole domains,</li><li>host-based exploitation,</li><li>industrial control system (ICS) infrastructure targeting, and</li><li>ongoing credential gathering.</li></ul><h4>Using Cyber Kill Chain for Analysis</h4><p>DHS leveraged the Cyber Kill Chain model to analyze, discuss, and dissect malicious cyber activity. Phases of the model include reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on the objective. This section will provide a high-level overview of activity within this framework.</p><p><strong>Stage 1: Reconnaissance</strong></p><p>The threat actors appear to have deliberately chosen the organizations they targeted, rather than pursuing them as targets of opportunity. Staging targets held preexisting relationships with many of the intended targets. It is known that threat actors are actively accessing publicly available information hosted by organization-monitored networks. DHS further assesses that threat actors are seeking to identify information pertaining to network and organizational design, as well as control system capabilities, within organizations.</p><p>Forensic analysis identified that threat actors are conducting open-source reconnaissance of their targets, gathering information posted on company-controlled websites. This is a common tactic for collecting the information needed for targeted spear-phishing attempts. In some cases, information posted to company websites, especially information that may appear to be innocuous, may contain operationally sensitive information. As an example, the threat actors downloaded a small photo from a publically accessible human resources page. The image, when expanded, was a high-resolution photo that displayed control systems equipment models and status information in the background.</p><p>Analysis also revealed that the threat actors used compromised staging target networks to conduct open-source reconnaissance to identify potential targets of interest and intended targets. “Targets of interest” refers to organizations that DHS observed the threat actors showing an active interest in, but where no compromise was reported. Specifically, the threat actors accessed publically web-based remote access infrastructure such as websites, remote email access portals, and virtual private network (VPN) connections.</p><p><strong>Stage 2: Weaponization</strong></p><h5>Spear-Phishing Email TTPs</h5><p>Throughout the spear-phishing campaign, threat actors used email attachments to leverage legitimate Microsoft Office functions to retrieve a document from a remote server using the Server Message Block (SMB) protocol. (An example of this request is: file[:]//&lt;remote IP address&gt;/Normal.dotm). As a part of the standard processes executed by Microsoft Word, this request authenticates the client with the server, sending the user’s credential hash to the remote server prior to retrieving the requested file. (Note: It is not necessary for the file to be retrieved for the transfer of credentials to occur.) The threat actors then likely used password-cracking techniques to obtain the plaintext password. Once actors obtain valid credentials, they are able to masquerade as authorized users.</p><p><strong>Stage 3: Delivery</strong></p><p>When seeking to compromise the target network, threat actors used a spear-phishing email campaign that differed from previously reported TTPs. The spear-phishing email used a generic contract agreement theme, with the subject line “AGREEMENT &amp; Confidential”, and which contained a generic PDF document, titled “’’document.pdf”. (Note the inclusion of two single apostrophes at the beginning of the attachment name.) The PDF itself was not malicious and did not contain any active code. The document prompted the user to click on a link should a download not automatically begin. (Note: No code within the PDF initiated a download.) The link directs users to a website via a shortened URL, which may prompt them to retrieve a malicious file.</p><p>In previous reporting, DHS and FBI identified the common themes used in these spear-phishing emails, all emails referred to control systems or process control systems. The threat actors continue to use these themes, specifically against intended target organizations. Email messages include references to common industrial control equipment and protocols. The emails leveraged malicious Microsoft Word attachments that appear to be legitimate résumés or curricula vitae (CVs) for industrial control systems personnel, as well as invitations and policy documents that entice the user to open the attachment. The list of file names has been published in the IOC.</p><p><strong>Stage 4: Exploitation</strong></p><p>Threat actors used distinct and unusual TTPs (i.e., successive redirects) in the phishing campaign directed at staging targets. Emails contained a stacked URL-shortening link that directed the user to http://bit[.]ly/2m0x8IH link, which redirected the user to http://tinyurl[.]com/h3sdqck link, which redirected the user to the ultimate destination of http://imageliners[.]com/nitel. The imageliner[.]com website contained an email address and password input fields mimicking a login page for a website.</p><p>When exploiting the intended targets, threat actors used malicious .docx files to capture user credentials, however, DHS did not observe the actors establishing persistence on the user’s system. The documents attempt to retrieve a file through a “file:\\” connection over SMB using Transmission Control Protocol (TCP) ports 445 or 139 and User Datagram Protocol (UDP) ports 137 or 138. This connection is made to a command and control (C2) server — either a server owned by the threat actors or that of a compromised system owned by a staging location victim. When a user is authenticated as a domain user, this will provide the C2 server with the hash of the victim. Local users will receive a graphical user interface (GUI) prompt to enter a username and password. This information will be provided to the C2 over TCP ports 445 or 139 and UDP ports 137 or 138. (Note: A file transfer is not necessary for a loss of credential information.) Symantec’s report associates this behavior to the Dragonfly threat actors in this campaign. <a href="https://www.symantec.com/connect/blogs/dragonfly-western-energy-sector-targeted-sophisticated-attack-group">[3]</a></p><h5><strong>Use of Watering Hole Domains</strong></h5><p>One of the threat actors’ primary uses for staging targets is to develop watering holes. The threat actors compromise the infrastructure of trusted organizations to reach intended targets. [4] Although these watering holes may host legitimate content by reputable organizations, the threat actors have altered them to contain and reference malicious content. Approximately half of the known watering holes are trade publications and informational websites related to process control, ICS, or critical infrastructure.</p><p>Using a similar SMB collection technique, the actors manipulated these websites by altering JavaScript and PHP files that redirect to an IP address on port 445 for credential harvesting. The compromised sites include both custom developed web applications and template-based frameworks. The threat actors injected a line of code into header.php, a legitimate PHP file that carried out the redirected traffic.</p><p>There is no indication that threat actors used zero-day exploits to manipulate the sites; the threat actors more likely used legitimate credentials to access the website content directly.</p><p><strong>Stage 5: Installation</strong></p><p>The threat actors leveraged compromised credentials to access victims’ networks where multi-factor authentication is not used. <a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10127623_TLP_WHITE.pdf">[5]</a> Once inside of an intended target’s network, the threat actors downloaded tools from a remote server. The initial versions of the file names contained .txt extensions and were renamed to the appropriate extension, typically .exe or .zip.</p><p>In one example, after gaining remote access to the network of an intended victim, the threat actor carried out the following actions:</p><ul><li>The threat actor connected to 91.183.104[.]150 and downloaded multiple files, specifically the file INST.txt.</li><li>The files were renamed to new extensions, with INST.txt being renamed INST.exe.</li><li>The files were executed on the host and then immediately deleted.</li><li>The execution of INST.exe triggered a download of ntdll.exe, and shortly after, ntdll.exe appeared in the running process list of a compromised system of an intended target.</li></ul><p>In their report on Dragonfly, Symantec associated the MD5 hash of INST.exe to Backdoor.Goodor. The MD5 hashes for the previously mentioned files can be found in the IOC list above.</p><p>Several of these files were scripts that were used for creating the initial account leveraged by the threat actors. The initial script symantec_help.jsp contained a one-line reference to a malicious script. It was located at C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\tomcat\webapps\ROOT\.</p><p><strong>Contents of symantec_help.jsp</strong></p><p>____________________________________________________________________________________________________________________</p><table border="1" cellpadding="0" cellspacing="0" style="width: 100%;"><tbody><tr><td><p>&lt;% Runtime.getRuntime().exec("cmd /C \"" + System.getProperty("user.dir") + "\\..\\webapps\\ROOT\\&lt;REDACTED SCRIPT NAME&gt;\""); %&gt;</p></td></tr></tbody></table><p>____________________________________________________________________________________________________________________</p><p>The malicious script created a user account, disabled the host-based firewall, and globally opened port 3389 for Remote Desktop Protocol (RDP) access. The script then attempted to add the newly created account to the administrators group for elevated privileges. This script contained hard-coded values for the group name “administrator” in Spanish, Italian, German, French, and English.</p><p>In addition, the threat actors also created a scheduled task “reset”, which was designed to automatically log out of their newly created account every eight hours.</p><p><strong>Contents of Scheduled Task</strong></p><p><strong>____________________________________________________________________________________________________________________</strong></p><table border="1" cellpadding="0" cellspacing="0" style="width: 100%;"><tbody><tr><td><p>&lt;?xml version="1.0" encoding="UTF-16"?&gt;</p><p>&lt;Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task"&gt;</p><p> &lt;RegistrationInfo&gt;</p><p>  &lt;Date&gt;2017-06-25T11:51:17.4848488&lt;/Date&gt;</p><p>  &lt;Author&gt;&lt;REDACTED&gt;&lt;/Author&gt;</p><p> &lt;/RegistrationInfo&gt;</p><p> &lt;Triggers&gt;</p><p>  &lt;TimeTrigger&gt;</p><p>   &lt;StartBoundary&gt;2017-06-25T12:30:29&lt;/StartBoundary&gt;</p><p>   &lt;Enabled&gt;true&lt;/Enabled&gt;</p><p>  &lt;/TimeTrigger&gt;</p><p> &lt;/Triggers&gt;</p><p> &lt;Principals&gt;</p><p>  &lt;Principal id="Author"&gt;</p><p>   &lt;RunLevel&gt;LeastPrivilege&lt;/RunLevel&gt;</p><p>   &lt;UserId&gt;&lt;REDACTED USERNAME&gt;&lt;/UserId&gt;</p><p>   &lt;LogonType&gt;InteractiveToken&lt;/LogonType&gt;</p><p>  &lt;/Principal&gt;</p><p> &lt;/Principals&gt;</p><p> &lt;Settings&gt;</p><p>  &lt;MultipleInstancesPolicy&gt;IgnoreNew&lt;/MultipleInstancesPolicy&gt;</p><p>  &lt;DisallowStartIfOnBatteries&gt;true&lt;/DisallowStartIfOnBatteries&gt;</p><p>  &lt;StopIfGoingOnBatteries&gt;true&lt;/StopIfGoingOnBatteries&gt;</p><p>  &lt;AllowHardTerminate&gt;true&lt;/AllowHardTerminate&gt;</p><p>  &lt;StartWhenAvailable&gt;false&lt;/StartWhenAvailable&gt;</p><p>  &lt;RunOnlyIfNetworkAvailable&gt;false&lt;/RunOnlyIfNetworkAvailable&gt;</p><p>  &lt;IdleSettings&gt;</p><p>   &lt;StopOnIdleEnd&gt;true&lt;/StopOnIdleEnd&gt;</p><p>   &lt;RestartOnIdle&gt;false&lt;/RestartOnIdle&gt;</p><p>  &lt;/IdleSettings&gt;</p><p>  &lt;AllowStartOnDemand&gt;true&lt;/AllowStartOnDemand&gt;</p><p>  &lt;Enabled&gt;true&lt;/Enabled&gt;</p><p>  &lt;Hidden&gt;false&lt;/Hidden&gt;</p><p>  &lt;RunOnlyIfIdle&gt;false&lt;/RunOnlyIfIdle&gt;</p><p>  &lt;WakeToRun&gt;false&lt;/WakeToRun&gt;</p><p>  &lt;ExecutionTimeLimit&gt;P3D&lt;/ExecutionTimeLimit&gt;</p><p>  &lt;Priority&gt;7&lt;/Priority&gt;</p><p> &lt;/Settings&gt;</p><p> &lt;Actions Context="Author"&gt;</p><p>  &lt;Exec&gt;</p><p>   &lt;Command&gt;logoff&lt;/Command&gt;</p><p>  &lt;/Exec&gt;</p><p> &lt;/Actions&gt;</p><p>&lt;/Task&gt;</p></td></tr></tbody></table><p>____________________________________________________________________________________________________________________</p><p>After achieving access to staging targets, the threat actors installed tools to carry out their mission. On one occasion, threat actors installed the free version of Forticlient, which was presumably used as a VPN client for intended targets.</p><p>Consistent with the perceived goal of credential harvesting, the threat actor was observed dropping and executing open source and free tools such as Hydra, SecretsDump, and CrackMapExec. The naming convention and download locations suggest that these files were downloaded directly from publically available locations such as GitHub. Forensic analysis indicates that many of these tools were executed during the timeframe in which the threat actor was accessing the system. Of note, the threat actor installed Python 2.7 on a compromised host of one staging victim, and a Python script was seen at C:\Users\&lt;Redacted Username&gt;\Desktop\OWAExchange\. In the previous folder structure, a subfolder named “out” held multiple text files.</p><h5>Persistence Through .LNK File Manipulation</h5><p>The threat actors manipulated .lnk files to repeatedly gather user credentials. Default Windows functionality enables icons to be loaded from a local Windows repository. The threat actors exploited this built-in Windows functionality by setting the icon path to their remote controlled server. When the user browses to the directory, Windows attempts to load the icon and initiate an SMB authentication session. During this process, the active user’s credentials are passed through the attempted SMB connection. The threat actors used this tactic in both Virtual Desktop Infrastructure (VDI) and traditional environments.</p><p><img alt="Parsed output for file: SETROUTE.lnk" src="https://www.us-cert.gov/sites/default/files/publications/TA17-293A%20Image1.png" style="width: 543px; height: 502px; float: left;" /></p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p>Three of the observed .lnk files were SETROUTE.lnk, notepad.exe.lnk, and Document.lnk. These names appear to be contextual, and threat actors may use a variety of other file names within this tactic. Two of the remote servers observed in these .lnk files were 62.8.193[.]206 and 5.153.58[.]45.</p><h5>Establishing Local Accounts</h5><p>The threat actors created accounts on the staging target for ongoing operations. These accounts, masquerading as legitimate service accounts, appeared to be tailored to each individual staging target. Each account created by the threat actors served a specific purpose in their operation. DHS and FBI identified the creation of four local accounts on a compromised server. The server operated as both a domain controller and an email server for a staging target.</p><p><strong>Account 1:</strong> The threat actors created a local account, which was named to mimic backup services of the staging target. This account was created by the aforementioned malicious script. The threat actors used this account to conduct open-source reconnaissance and remotely access intended targets. This account was also used to remove the Forticlient software.</p><p><strong>Account 2:</strong> Account 1 was used to create Account 2 to impersonate an email administration account. The only observed action was to create Account 3.</p><p><strong>Account 3:</strong> The threat actors created Account 3 in the staging victim’s Microsoft Exchange Server. A PowerShell script created this account during an RDP session while the threat actor was authenticated as Account 2. The naming conventions of the created Microsoft Exchange account followed that of the staging target (e.g., first initial concatenated with the last name).</p><p><strong>Account 4:</strong> In the latter stage of the compromise, the threat actor used Account 1 to create Account 4, a local administrator account. Account 4 was then used to delete the following logs: system, security, terminal services, remote services, and audit. Registry analysis indicated that this activity was likely scripted.</p><p><strong>Stage 6: Command and Control</strong></p><p>The threat actors commonly use web shells to compromise publically available servers to gain a foothold into internal networks. This activity has been observed on both web and email servers. The threat actors then establish an encrypted connection over port 443 to the web shell. Once connected, the threat actors download additional malicious files from the threat actors’ servers to the publically available server. Two of the web shells (AutoDiscover.aspx and global.aspx) used by the actors are detailed in the accompanying IOC list. Despite having different file names, the MD5 hashes of the two web shells indicated that the two files were the same file. These web shells have been associated with the ciklon_z webshell.</p><p>DHS and FBI identified the threat actors leveraging remote access services and infrastructure, such as VPN, RDP, and Outlook Web Access (OWA). The threat actors used staging targets to connect to several intended targets, effectively turning the staging targets into command and control points. To date, it is presumed that the threat actors have targeted services that use single-factor authentication. DHS believes that the threat actors employ this methodology to avoid detection and attribution.</p><h5>Targeting of ICS and SCADA Infrastructure</h5><p>Upon gaining access to intended victims, the threat actors conducted reconnaissance operations within the network. Specifically, the threat actors focused on identifying and browsing file servers within the intended victim’s network. The threat actors viewed files pertaining to ICS or Supervisory Control and Data Acquisition (SCADA) systems. Based on DHS analysis of existing compromises, these files were originally named containing ICS vendor names and ICS reference documents pertaining to the organization (e.g., “SCADA WIRING DIAGRAM.pdf” or “SCADA PANEL LAYOUTS.xlsx”).</p><p>In one instance, the threat actors accessed workstations and servers on a corporate network that contained data output from control systems within energy generation facilities. In this same incident, the threat actors created a malicious scheduled task that invoked “scr.exe” with the arguments “scr.jpg”. The MD5 hash of scr.exe matched the MD5 of ScreenUtil, a tool used by the threat actor, as reported in the Symantec Dragonfly 2.0 report.</p><h4>Detection and Response</h4><p>IOCs related to this campaign are provided within the accompanying .csv and .stix files of this alert. DHS and FBI recommend that network administrators review the IP addresses, domain names, file hashes, network signatures, and YARA rules provided and add the IPs to their watchlist to determine whether malicious activity has been observed within their organization. System owners are also advised to run the YARA tool on any system suspected to have been targeted by these APT actors.</p><h5>Network Signatures and Host-Based Rules</h5><p>This section contains network signatures and host-based rules that can be used to detect malicious activity associated with threat actors TTPs. Although these network signatures and host-based rules were created using a comprehensive vetting process, the possibility of false positives always remains.</p><h5>Network Signatures</h5><p><code>alert tcp $HOME_NET any -&gt; $EXTERNAL_NET $HTTP_PORTS (msg:"HTTP URI contains '/aspnet_client/system_web/4_0_30319/update/' (Beacon)"; sid:42000000; rev:1; flow:established,to_server; content:"/aspnet_client/system_web/4_0_30319/update/"; http_uri; fast_pattern:only; classtype:bad-unknown; metadata:service http;)</code></p><p><code>___________________________________</code></p><p><code>alert tcp $HOME_NET any -&gt; $EXTERNAL_NET $HTTP_PORTS (msg:"HTTP URI contains '/img/bson021.dat'"; sid:42000001; rev:1; flow:established,to_server; content:"/img/bson021.dat"; http_uri; fast_pattern:only; classtype:bad-unknown; metadata:service http;)</code></p><p><code>________________________________________</code></p><p><code>alert tcp $HOME_NET any -&gt; $EXTERNAL_NET $HTTP_PORTS (msg:"HTTP URI contains '/A56WY' (Callback)"; sid:42000002; rev:1; flow:established,to_server; content:"/A56WY"; http_uri; fast_pattern; classtype:bad-unknown; metadata:service http;)</code></p><p><code>_________________________________________</code></p><p><code>alert tcp any any -&gt; any 445 (msg:"SMB Client Request contains 'AME_ICON.PNG' (SMB credential harvesting)"; sid:42000003; rev:1; flow:established,to_server; content:"|FF|SMB|75 00 00 00 00|"; offset:4; depth:9; content:"|08 00 01 00|"; distance:3; content:"|00 5c 5c|"; distance:2; within:3; content:"|5c|AME_ICON.PNG"; distance:7; fast_pattern; classtype:bad-unknown; metadata:service netbios-ssn;)</code></p><p>________________________________________</p><p><code>alert tcp $HOME_NET any -&gt; $EXTERNAL_NET $HTTP_PORTS (msg:"HTTP URI OPTIONS contains '/ame_icon.png' (SMB credential harvesting)"; sid:42000004; rev:1; flow:established,to_server; content:"/ame_icon.png"; http_uri; fast_pattern:only; content:"OPTIONS"; nocase; http_method; classtype:bad-unknown; metadata:service http;)</code></p><p><code>_________________________________________</code></p><p><code>alert tcp $HOME_NET any -&gt; $EXTERNAL_NET $HTTP_PORTS (msg:"HTTP Client Header contains 'User-Agent|3a 20|Go-http-client/1.1'"; sid:42000005; rev:1; flow:established,to_server; content:"User-Agent|3a 20|Go-http-client/1.1|0d 0a|Accept-Encoding|3a 20|gzip"; http_header; fast_pattern:only; pcre:"/\.(?:aspx|txt)\?[a-z0-9]{3}=[a-z0-9]{32}&amp;/U"; classtype:bad-unknown; metadata:service http;)</code></p><p><code>__________________________________________</code></p><p><code>alert tcp $EXTERNAL_NET [139,445] -&gt; $HOME_NET any (msg:"SMB Server Traffic contains NTLM-Authenticated SMBv1 Session"; sid:42000006; rev:1; flow:established,to_client; content:"|ff 53 4d 42 72 00 00 00 00 80|"; fast_pattern:only; content:"|05 00|"; distance:23; classtype:bad-unknown; metadata:service netbios-ssn;)</code><br /> </p><h5>YARA Rules</h5><p>This is a consolidated rule set for malware associated with, consisting of rules written by US-CERT, as well as contributions by trusted partners.</p><p><code>*/</code></p><p> </p><p><code>rule APT_malware_1</code></p><p><code>{</code></p><p><code>meta:</code></p><p><code>      description = "inveigh pen testing tools &amp; related artifacts"</code></p><p><code>      author = "US-CERT Code Analysis Team"    </code></p><p><code>      date = "2017/07/17"</code></p><p><code>      hash0 = "61C909D2F625223DB2FB858BBDF42A76"</code></p><p><code>      hash1 = "A07AA521E7CAFB360294E56969EDA5D6"</code></p><p><code>      hash2 = "BA756DD64C1147515BA2298B6A760260"</code></p><p><code>      hash3 = "8943E71A8C73B5E343AA9D2E19002373"</code></p><p><code>      hash4 = "04738CA02F59A5CD394998A99FCD9613"</code></p><p><code>      hash5 = "038A97B4E2F37F34B255F0643E49FC9D"</code></p><p><code>      hash6 = "65A1A73253F04354886F375B59550B46"</code></p><p><code>      hash7 = "AA905A3508D9309A93AD5C0EC26EBC9B"</code></p><p><code>      hash8 = "5DBEF7BDDAF50624E840CCBCE2816594"</code></p><p><code>      hash9 = "722154A36F32BA10E98020A8AD758A7A"</code></p><p><code>      hash10 = "4595DBE00A538DF127E0079294C87DA0"</code></p><p><code>strings:</code></p><p><code>      $s0 = "file://"</code></p><p><code>      $s1 = "/ame_icon.png"</code></p><p><code>      $s2 = "184.154.150.66"</code></p><p><code>      $s3 = { 87D081F60C67F5086A003315D49A4000F7D6E8EB12000081F7F01BDD21F7DE }</code></p><p><code>      $s4 = { 33C42BCB333DC0AD400043C1C61A33C3F7DE33F042C705B5AC400026AF2102 }</code></p><p><code>      $s5 = "(g.charCodeAt(c)^l[(l[b]+l[e])%256])"</code></p><p><code>      $s6 = "for(b=0;256&gt;b;b++)k[b]=b;for(b=0;256&gt;b;b++)"</code></p><p><code>      $s7 = "VXNESWJfSjY3grKEkEkRuZeSvkE="</code></p><p><code>      $s8 = "NlZzSZk="</code></p><p><code>      $s9 = "WlJTb1q5kaxqZaRnser3sw=="</code></p><p><code>      $s10 = "for(b=0;256&gt;b;b++)k[b]=b;for(b=0;256&gt;b;b++)"</code></p><p><code>      $s11 = "fromCharCode(d.charCodeAt(e)^k[(k[b]+k[h])%256])"</code></p><p><code>      $s12 = "ps.exe -accepteula \\%ws% -u %user% -p %pass% -s cmd /c netstat"</code></p><p><code>      $s13 = { 22546F6B656E733D312064656C696D733D5C5C222025254920494E20286C6973742E74787429 }</code></p><p><code>      $s14 = { 68656C6C2E657865202D6E6F65786974202D657865637574696F6E706F6C69637920627970617373202D636F6D6D616E6420222E202E5C496E76656967682E70 }</code></p><p><code>      $s15 = { 476F206275696C642049443A202266626433373937623163313465306531 }</code></p><p> </p><p> </p><p><code>//inveigh pentesting tools</code></p><p> </p><p><code>      $s16 = { 24696E76656967682E7374617475735F71756575652E4164642822507265737320616E79206B657920746F2073746F70207265616C2074696D65 }</code></p><p> </p><p><code>//specific malicious word document PK archive</code></p><p> </p><p><code>      $s17 = { 2F73657474696E67732E786D6CB456616FDB3613FEFE02EF7F10F4798E64C54D06A14ED125F19A225E87C9FD0194485B }</code></p><p><code>      $s18 = { 6C732F73657474696E67732E786D6C2E72656C7355540500010076A41275780B0001040000000004000000008D90B94E03311086EBF014D6F4D87B48214471D2 }</code></p><p><code>      $s19 = { 8D90B94E03311086EBF014D6F4D87B48214471D210A41450A0E50146EBD943F8923D41C9DBE3A54A240ACA394A240ACA39 }</code></p><p><code>      $s20 = { 8C90CD4EEB301085D7BD4F61CDFEDA092150A1BADD005217B040E10146F124B1F09FEC01B56F8FC3AA9558B0B4 }</code></p><p><code>      $s21 = { 8C90CD4EEB301085D7BD4F61CDFEDA092150A1BADD005217B040E10146F124B1F09FEC01B56F8FC3AA9558B0B4 }</code></p><p><code>      $s22 = "5.153.58.45"</code></p><p><code>      $s23 = "62.8.193.206"</code></p><p><code>      $s24 = "/1/ree_stat/p"</code></p><p><code>      $s25 = "/icon.png"</code></p><p><code>      $s26 = "/pshare1/icon"</code></p><p><code>      $s27 = "/notepad.png"</code></p><p><code>      $s28 = "/pic.png"</code></p><p><code>      $s29 = "http://bit.ly/2m0x8IH"</code></p><p><code>     </code></p><p><code>condition:</code></p><p><code>      ($s0 and $s1 or $s2) or ($s3 or $s4) or ($s5 and $s6 or $s7 and $s8 and $s9) or ($s10 and $s11) or ($s12 and $s13) or ($s14) or ($s15) or ($s16) or ($s17) or ($s18) or ($s19) or ($s20) or ($s21) or ($s0 and $s22 or $s24) or ($s0 and $s22 or $s25) or ($s0 and $s23 or $s26) or ($s0 and $s22 or $s27) or ($s0 and $s23 or $s28) or ($s29)</code></p><p><code>}</code></p><p> </p><p><code>rule APT_malware_2</code></p><p><code>{</code></p><p><code>meta:</code></p><p><code>      description = "rule detects malware"</code></p><p><code>      author = "other"</code></p><p><code>strings:</code></p><p><code>      $api_hash = { 8A 08 84 C9 74 0D 80 C9 60 01 CB C1 E3 01 03 45 10 EB ED }</code></p><p><code>      $http_push = "X-mode: push" nocase</code></p><p><code>      $http_pop = "X-mode: pop" nocase</code></p><p><code>condition:</code></p><p><code>      any of them</code></p><p><code>}</code></p><p> </p><p><code>rule Query_XML_Code_MAL_DOC_PT_2</code></p><p><code>{</code></p><p><code>      meta:</code></p><p><code>            name= "Query_XML_Code_MAL_DOC_PT_2"</code></p><p><code>            author = "other"</code></p><p><code>      strings:</code></p><p><code>            $zip_magic = { 50 4b 03 04 }</code></p><p><code>            $dir1 = "word/_rels/settings.xml.rels"</code></p><p><code>            $bytes = {8c 90 cd 4e eb 30 10 85 d7}</code></p><p><code>      condition:</code></p><p><code>            $zip_magic at 0 and $dir1 and $bytes</code></p><p><code>}</code></p><p> </p><p><code>rule Query_Javascript_Decode_Function</code></p><p><code>{</code></p><p><code>meta:</code></p><p><code>      name= "Query_Javascript_Decode_Function"</code></p><p><code>      author = "other"</code></p><p><code>strings:</code></p><p><code>      $decode1 = {72 65 70 6C 61 63 65 28 2F 5B 5E 41 2D 5A 61 2D 7A 30 2D 39 5C 2B 5C 2F 5C 3D 5D 2F 67 2C 22 22 29 3B}</code></p><p><code>      $decode2 = {22 41 42 43 44 45 46 47 48 49 4A 4B 4C 4D 4E 4F 50 51 52 53 54 55 56 57 58 59 5A 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 75 76 77 78 79 7A 30 31 32 33 34 35 36 37 38 39 2B 2F 3D 22 2E 69 6E 64 65 78 4F 66 28 ?? 2E 63 68 61 72 41 74 28 ?? 2B 2B 29 29}</code></p><p><code>      $decode3 = {3D ?? 3C 3C 32 7C ?? 3E 3E 34 2C ?? 3D 28 ?? 26 31 35 29 3C 3C 34 7C ?? 3E 3E 32 2C ?? 3D 28 ?? 26 33 29 3C 3C 36 7C ?? 2C ?? 2B 3D [1-2] 53 74 72 69 6E 67 2E 66 72 6F 6D 43 68 61 72 43 6F 64 65 28 ?? 29 2C 36 34 21 3D ?? 26 26 28 ?? 2B 3D 53 74 72 69 6E 67 2E 66 72 6F 6D 43 68 61 72 43 6F 64 65 28 ?? 29}</code></p><p><code>      $decode4 = {73 75 62 73 74 72 69 6E 67 28 34 2C ?? 2E 6C 65 6E 67 74 68 29}</code></p><p><code>      $func_call="a(\""</code></p><p><code>condition:</code></p><p><code>      filesize &lt; 20KB and #func_call &gt; 20 and all of ($decode*)</code></p><p><code>}</code></p><p> </p><p><code>rule Query_XML_Code_MAL_DOC</code></p><p><code>{</code></p><p><code>meta:</code></p><p><code>      name= "Query_XML_Code_MAL_DOC"</code></p><p><code>      author = "other"</code></p><p><code>strings:</code></p><p><code>      $zip_magic = { 50 4b 03 04 }</code></p><p><code>      $dir = "word/_rels/" ascii</code></p><p><code>      $dir2 = "word/theme/theme1.xml" ascii</code></p><p><code>      $style = "word/styles.xml" ascii</code></p><p><code>condition:</code></p><p><code>      $zip_magic at 0 and $dir at 0x0145 and $dir2 at 0x02b7 and $style at 0x08fd</code></p><p><code>}</code></p> <h3>Impact</h3> <p>This APT actor’s campaign has affected multiple organizations in the energy, nuclear, water, aviation, construction, and critical manufacturing sectors.</p> <h3>Solution</h3> <p>DHS and FBI encourage network users and administrators to use the following detection and prevention guidelines to help defend against this activity.</p><h4>Network and Host-based Signatures</h4><p>DHS and FBI recommend that network administrators review the IP addresses, domain names, file hashes, and YARA and Snort signatures provided and add the IPs to their watch list to determine whether malicious activity is occurring within their organization. Reviewing network perimeter netflow will help determine whether a network has experienced suspicious activity. Network defenders and malware analysts should use the YARA and Snort signatures provided in the associated YARA and .txt file to identify malicious activity.</p><h4>Detections and Prevention Measures</h4><ul><li>Users and administrators can detect spear phishing, watering hole, web shell, and remote access activity by comparing all IP addresses and domain names listed in the IOC packages to the following locations:<ul><li>network intrusion detection system/network intrusion protection system  logs,</li><li>web content logs,</li><li>proxy server logs,</li><li>domain name server resolution logs,</li><li>packet capture (PCAP) repositories,</li><li>firewall logs,</li><li>workstation Internet browsing history logs,</li><li>host-based intrusion detection system /host-based intrusion prevention system (HIPS) logs,</li><li>data loss prevention logs,</li><li>exchange server logs,</li><li>user mailboxes,</li><li>mail filter logs,</li><li>mail content logs,</li><li>AV mail logs,</li><li>OWA logs,</li><li>Blackberry Enterprise Server logs, and</li><li>Mobile Device Management logs.</li></ul></li><li>To detect the presence of web shells on external-facing servers, compare IP addresses, filenames, and file hashes listed in the IOC packages with the following locations:<ul><li>application logs,</li><li>IIS/Apache logs,</li><li>file system,</li><li>intrusion detection system/ intrusion prevention system logs,</li><li>PCAP repositories,</li><li>firewall logs, and</li><li>reverse proxy.</li></ul></li><li>Detect spear-phishing by searching workstation file systems, as well as network-based user directories, for attachment filenames and hashes found in the IOC packages.</li><li>Detect persistence in VDI environments by searching file shares containing user profiles for all .lnk files.</li><li>Detect evasion techniques by the threat actors by identifying deleted logs. This can be done by reviewing last-seen entries and by searching for event 104 on Windows system logs.</li><li>Detect persistence by reviewing all administrator accounts on systems to identify unauthorized accounts, especially those created recently.</li><li>Detect the malicious use of legitimate credentials by reviewing the access times of remotely accessible systems for all users. Any unusual login times should be reviewed by the account owners.</li><li>Detect the malicious use of legitimate credentials by validating all remote desktop and VPN sessions of any user’s credentials suspected to be compromised.</li><li>Detect spear-phishing by searching OWA logs for all IP addresses listed in the IOC packages.</li><li>Detect spear-phishing through a network by validating all new email accounts created on mail servers, especially those with external user access.</li><li>Detect persistence on servers by searching system logs for all filenames listed in the IOC packages.</li><li>Detect lateral movement and privilege escalation by searching PowerShell logs for all filenames ending in “.ps1” contained in the IOC packages. (Note: requires PowerShell version 5, and PowerShell logging must be enabled prior to the activity.)</li><li>Detect persistence by reviewing all installed applications on critical systems for unauthorized applications, specifically note FortiClient VPN and Python 2.7.</li><li>Detect persistence by searching for the value of “REG_DWORD 100” at registry location “HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal”. Services\MaxInstanceCount” and the value of “REG_DWORD 1” at location “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\dontdisplaylastusername”.</li><li>Detect installation by searching all proxy logs for downloads from URIs without domain names.</li></ul><h4>General Best Practices Applicable to this Campaign:</h4><ul><li>Prevent external communication of all versions of SMB and related protocols at the network boundary by blocking TCP ports 139 and 445 with related UDP port 137. See the NCCIC/US-CERT publication on <a href="https://www.us-cert.gov/ncas/current-activity/2017/01/16/SMB-Security-Best-Practices">SMB Security Best Practices </a>for more information.</li><li>Block the Web-based Distributed Authoring and Versioning (WebDAV) protocol on border gateway devices on the network.</li><li>Monitor VPN logs for abnormal activity (e.g., off-hour logins, unauthorized IP address logins, and multiple concurrent logins).</li><li>Deploy web and email filters on the network. Configure these devices to scan for known bad domain names, sources, and addresses; block these before receiving and downloading messages. This action will help to reduce the attack surface at the network’s first level of defense. Scan all emails, attachments, and downloads (both on the host and at the mail gateway) with a reputable anti-virus solution that includes cloud reputation services.</li><li>Segment any critical networks or control systems from business systems and networks according to industry best practices.</li><li>Ensure adequate logging and visibility on ingress and egress points.</li><li>Ensure the use of PowerShell version 5, with enhanced logging enabled. Older versions of PowerShell do not provide adequate logging of the PowerShell commands an attacker may have executed. Enable PowerShell module logging, script block logging, and transcription. Send the associated logs to a centralized log repository for monitoring and analysis. See the FireEye blog post <a href="http://Greater Visibility through PowerShell Logging">Greater Visibility through PowerShell Logging </a>for more information.</li><li>Implement the prevention, detection, and mitigation strategies outlined in the NCCIC/US-CERT Alert TA15-314A – <a href="https://www.us-cert.gov/ncas/alerts/TA15-314A">Compromised Web Servers and Web Shells – Threat Awareness and Guidance</a>.</li><li>Establish a training mechanism to inform end users on proper email and web usage, highlighting current information and analysis, and including common indicators of phishing. End users should have clear instructions on how to report unusual or suspicious emails.</li><li>Implement application directory whitelisting. System administrators may implement application or application directory whitelisting through Microsoft Software Restriction Policy, AppLocker, or similar software. Safe defaults allow applications to run from PROGRAMFILES, PROGRAMFILES(X86), SYSTEM32, and any ICS software folders. All other locations should be disallowed unless an exception is granted.</li><li>Block RDP connections originating from untrusted external addresses unless an exception exists; routinely review exceptions on a regular basis for validity.</li><li>Store system logs of mission critical systems for at least one year within a security information event management tool.</li><li>Ensure applications are configured to log the proper level of detail for an incident response investigation.</li><li>Consider implementing HIPS or other controls to prevent unauthorized code execution.</li><li>Establish least-privilege controls.</li><li>Reduce the number of Active Directory domain and enterprise administrator accounts.</li><li>Based on the suspected level of compromise, reset all user, administrator, and service account credentials across all local and domain systems.</li><li>Establish a password policy to require complex passwords for all users.</li><li>Ensure that accounts for network administration do not have external connectivity.</li><li>Ensure that network administrators use non-privileged accounts for email and Internet access.</li><li>Use two-factor authentication for all authentication, with special emphasis on any external-facing interfaces and high-risk environments (e.g., remote access, privileged access, and access to sensitive data).</li><li>Implement a process for logging and auditing activities conducted by privileged accounts.</li><li>Enable logging and alerting on privilege escalations and role changes.</li><li>Periodically conduct searches of publically available information to ensure no sensitive information has been disclosed. Review photographs and documents for sensitive data that may have inadvertently been included.</li><li>Assign sufficient personnel to review logs, including records of alerts.</li><li>Complete independent security (as opposed to compliance) risk review.</li><li>Create and participate in information sharing programs.</li><li>Create and maintain network and system documentation to aid in timely incident response. Documentation should include network diagrams, asset owners, type of asset, and an incident response plan.</li></ul><p><strong>Report Notice</strong></p><p>DHS encourages recipients who identify the use of tools or techniques discussed in this document to report information to DHS or law enforcement immediately. To request incident response resources or technical assistance, contact NCCIC at <a href="https://www.us-cert.govmailto:NCCICcustomerservice@hq.dhs.gov">NCCICcustomerservice@hq.dhs.gov </a>or 888-282-0870.</p> <h3>References</h3> <ul> <li><a href="">[1] FireEye. Factors Motivating Cyber Espionage Against the Energy Sector. September 3, 2015 09:21:00AM, 15-00008886, Version: 2</a></li> <li><a href="https://www.symantec.com/connect/blogs/dragonfly-western-energy-sector-targeted-sophisticated-attack-group">[2] Symantec. Dragonfly: Western energy sector targeted by sophisticated attack group. September 6, 2017. </a></li> <li><a href="https://www.symantec.com/connect/blogs/dragonfly-western-energy-sector-targeted-sophisticated-attack-group">[2] Symantec. Dragonfly: Western energy sector targeted by sophisticated attack group. September 6, 2017.</a></li> <li><a href="">[4] CCIRC CF17-010 UPDATE</a></li> <li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10127623_TLP_WHITE.pdf">[5] MIFR-10127623</a></li> </ul> <h3>Revision History</h3> <ul> <li>October 20, 2017: Initial version</li> </ul> <hr /> <p>This product is provided subject to this <a href="http://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="http://www.us-cert.gov/privacy/">Privacy &amp; Use</a> policy.</p> <br />
    TA17-293A: Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors
  • Sat, 01 Jul 2017 05:41:37 +0000 Original release date: July 01, 2017 | Last revised: February 15, 2018<br /> <h3>Systems Affected</h3> <p>Microsoft Windows operating systems</p> <h3>Overview</h3> <p><em>This Alert has been updated to reflect the U.S. Government's public attribution of the "NotPetya" malware variant to the Russian military. Additional information may be found in a <a href="https://www.whitehouse.gov/briefings-statements/statement-press-secretary-25/">Statement from the White House Press Secretary</a>.<em> For more information related to NotPetya activity, go to <a href="https://www.us-cert.gov/grizzlysteppe">https://www.us-cert.gov/grizzlysteppe</a>.</em></em></p><p>The scope of this Alert’s analysis is limited to the newest Petya malware variant that surfaced on June 27, 2017. This malware is referred to as “NotPetya” throughout this Alert.</p><p>On June 27, 2017, NCCIC <a href="https://www.dhs.gov/national-cybersecurity-and-communications-integration-center">[13]</a> was notified of Petya malware events occurring in multiple countries and affecting multiple sectors. This variant of the Petya malware—referred to as NotPetya—encrypts files with extensions from a hard-coded list. Additionally, if the malware gains administrator rights, it encrypts the master boot record (MBR), making the infected Windows computers unusable. NotPetya differs from previous Petya malware primarily in its propagation methods. </p><p>The NCCIC Code Analysis Team produced a Malware Initial Findings Report (MIFR) to provide in-depth technical analysis of the malware. In coordination with public and private sector partners, NCCIC is also providing additional indicators of compromise (IOCs) in comma-separated-value (CSV) form for information sharing purposes.</p><p>Available Files:</p><ul><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10130295.pdf">MIFR-10130295.pdf</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/MIFR-10130295_stix.xml">MIFR-10130295_stix.xml</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/TA-17-181B_IOCs.csv">TA-17-181B_IOCs.csv</a></li></ul> <h3>Description</h3> <p>NotPetya leverages multiple propagation methods to spread within an infected network. According to malware analysis, NotPetya attempts the lateral movement techniques below:</p><ul><li>PsExec - a legitimate Windows administration tool</li><li>WMI - Windows Management Instrumentation, a legitimate Windows component</li><li>EternalBlue - the same Windows SMBv1 exploit used by WannaCry</li><li>EternalRomance - another Windows SMBv1 exploit</li></ul><p>Microsoft released a security update for the <a href="https://technet.microsoft.com/library/security/MS17-010">MS17-010</a> SMB vulnerability on March 14, 2017, which addressed the EternalBlue and EternalRomance lateral movement techniques.</p><p><strong>Technical Details</strong></p><p>NCCIC received a sample of the NotPetya malware variant and performed a detailed analysis. Based on the analysis, NotPetya encrypts the victim’s files with a dynamically generated, 128-bit key and creates a unique ID of the victim. However, there is no evidence of a relationship between the encryption key and the victim’s ID, which means it may not be possible for the attacker to decrypt the victim’s files even if the ransom is paid. It behaves more like destructive malware rather than ransomware.</p><p>NCCIC observed multiple methods used by NotPetya to propagate across a network. The first and—in most cases—most effective method, uses a modified version of the Mimikatz tool to steal the user’s Windows credentials. The cyber threat actor can then use the stolen credentials, along with the native Windows Management Instrumentation Command Line (WMIC) tool or the Microsoft SysInternals utility, psexec.exe, to access other systems on the network. Another method for propagation uses the EternalBlue exploit tool to target unpatched systems running a vulnerable version of SMBv1. In this case, the malware attempts to identify other hosts on the network by checking the compromised system’s IP physical address mapping table. Next, it scans for other systems that are vulnerable to the SMB exploit and installs the malicious payload. Refer to the malware report, MIFR-10130295, for more details on these methods.</p><p>The analyzed sample of NotPetya encrypts the compromised system’s files with a 128-bit Advanced Encryption Standard (AES) algorithm during runtime. The malware then writes a text file on the “C:\” drive that includes a static Bitcoin wallet location as well as unique personal installation key intended for the victim to use when making the ransom payment and the user’s Bitcoin wallet ID. NotPetya modifies the master boot record (MBR) to enable encryption of the master file table (MFT) and the original MBR, and then reboots the system. Based on the encryption methods used, it appears unlikely that the files could be restored, even if the attacker received the victim’s unique key and Bitcoin wallet ID.</p><p>The delivery mechanism of NotPetya during the June 27, 2017, event was determined to be the Ukrainian tax accounting software, M.E.Doc. The cyber threat actors used a backdoor to compromise M.E. Doc’s development environment as far back as April 14, 2017. This backdoor allowed the threat actor to run arbitrary commands, exfiltrate files, and download and execute arbitrary exploits on the affected system. Organizations should treat systems with M.E.Doc installed as suspicious, and should examine these systems for additional malicious activity. <a href="http://blog.talosintelligence.com/2017/07/the-medoc-connection.html">[12]</a></p> <h3>Impact</h3> <p>According to multiple reports, this NotPetya malware campaign has infected organizations in several sectors, including finance, transportation, energy, commercial facilities, and healthcare. While these victims are business entities, other Windows systems are also at risk, such as:</p><ul><li>those that do not have patches installed for the vulnerabilities in MS17‑010, CVE-2017-0144, and CVE-2017-0145, and</li><li>those who operate on the  shared network of affected organizations.</li></ul><p>Negative consequences of malware infection include:</p><ul><li>temporary or permanent loss of sensitive or proprietary information,</li><li>disruption to regular operations,</li><li>financial losses incurred to restore systems and files, and</li><li>potential harm to an organization’s reputation.</li></ul> <h3>Solution</h3> <p>NCCIC recommends against paying ransoms; doing so enriches malicious actors while offering no guarantee that the encrypted files will be released. In this NotPetya incident, the email address for payment validation was shut down by the email provider, so payment is especially unlikely to lead to data recovery.<a href="https://www.bleepingcomputer.com/news/security/email-provider-shuts-down-petya-inbox-preventing-victims-from-recovering-files/">[1]</a> According to one NCCIC stakeholder, the sites listed below sites are used for payment in this activity. These sites are not included in the CSV package as IOCs.</p><p>hxxp://mischapuk6hyrn72[.]onion/<br />hxxp://petya3jxfp2f7g3i[.]onion/<br />hxxp://petya3sen7dyko2n[.]onion/<br />hxxp://mischa5xyix2mrhd[.]onion/MZ2MMJ<br />hxxp://mischapuk6hyrn72[.]onion/MZ2MMJ<br />hxxp://petya3jxfp2f7g3i[.]onion/MZ2MMJ<br />hxxp://petya3sen7dyko2n[.]onion/MZ2MMJ</p><p><strong>Network Signatures</strong></p><p>NCCIC recommends that organizations coordinate with their security vendors to ensure appropriate coverage for this threat. Given the overlap of functionality and the similarity of behaviors between WannaCry and NotPetya, many of the available rulesets can protect against both malware types when appropriately implemented. The following rulesets provided in publically available sources may help detect activity associated with these malware types:</p><ul><li>sid:2001569, “ET SCAN Behavioral Unusual Port 445 traffic Potential Scan or Infection”<a href="http://doc.emergingthreats.net/2001569">[2]</a></li><li>sid:2012063, “ET NETBIOS Microsoft SRV2.SYS SMB Negotiate ProcessID? Function Table Dereference (CVE-2009-3103)”<a href="http://doc.emergingthreats.net/bin/view/Main/2012063">[3]</a></li><li>sid:2024297, “ET CURRENT_EVENTS ETERNALBLUE Exploit M2 MS17-010”<a href="http://docs.emergingthreats.net/bin/view/Main/2024297">[4]</a></li><li>sid:42944,"OS-WINDOWS Microsoft Windows SMB remote code execution attempt"<a href="http://blog.talosintelligence.com/2017/06/worldwide-ransomware-variant.html">[11]</a></li><li>sid:42340,"OS-WINDOWS Microsoft Windows SMB anonymous session IPC share access attempt"<a href="http://blog.talosintelligence.com/2017/06/worldwide-ransomware-variant.html">[11]</a></li><li>sid:41984,"OS-WINDOWS Microsoft Windows SMBv1 identical MID and FID type confusion attempt"<a href="http://blog.talosintelligence.com/2017/06/worldwide-ransomware-variant.html">[11]</a></li></ul><p><strong>Recommended Steps for Prevention</strong></p><p>Review US-CERT’s Alert on The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations <a href="https://www.us-cert.gov/ncas/alerts/TA16-250A">[6]</a>, and consider implementing the following best practices:</p><ul><li>Ensure you have fully patched your systems, and confirm that you have applied Microsoft’s patch for the MS17-010 SMB vulnerability dated March 14, 2017.<a href="https://technet.microsoft.com/library/security/MS17-010">[5]</a></li><li>Conduct regular backups of data and test your backups regularly as part of a comprehensive disaster recovery plan.</li><li>Ensure anti-virus and anti-malware solutions are set to automatically conduct regular scans.</li><li>Manage the use of privileged accounts. Implement the principle of least privilege. Do not assign administrative access to users unless absolutely needed. Those with a need for administrator accounts should only use them when necessary. </li><li>Configure access controls, including file, directory, and network share permissions with the principle of least privilege in mind. If a user only needs to read specific files, they should not have write access to those files, directories, or shares. </li><li>Secure use of WMI by authorizing WMI users and setting permissions.</li><li>Utilize host-based firewalls and block workstation-to-workstation communications to limit unnecessary lateral communications.</li><li>Disable or limit remote WMI and file sharing.</li><li>Block remote execution through PSEXEC.</li><li>Segregate networks and functions.</li><li>Harden network devices and secure access to infrastructure devices.</li><li>Perform out-of-band network management.</li><li>Validate integrity of hardware and software.</li><li>Disable SMBv1 and block all versions of SMB at the network boundary by blocking TCP port 445 with related protocols on UDP ports 137-138 and TCP port 139; this applies to all boundary devices.</li></ul><p><strong><em>Note:</em></strong><em> Disabling or blocking SMB may create problems by obstructing access to shared files, data, or devices. Weigh the benefits of mitigation against potential disruptions to users.</em></p><p><strong>Recommended Steps for Remediation</strong></p><ul><li>NCCIC strongly encourages organizations contact a local Federal Bureau of Investigation (FBI) field office upon discovery to report an intrusion and request assistance. Maintain and provide relevant logs.</li><li>Implement a security incident response and business continuity plan. Ideally, organizations should ensure they have appropriate backups so their response is simply to restore the data from a known clean backup. </li></ul><p><strong>Report Notice</strong></p><p>DHS encourages recipients who identify the use of tools or techniques discussed in this document to report information to DHS or law enforcement immediately. To request incident response resources or technical assistance, contact NCCIC at <a href="https://www.us-cert.govmailto:NCCICcustomerservice@hq.dhs.gov%20">NCCICcustomerservice@hq.dhs.gov </a>or 888-282-0870. You can also report cyber crime incidents to the Internet Crime Complaint Center (IC3) at <a href="https://www.ic3.gov/default.aspx">https://www.ic3.gov/default.aspx</a>.</p> <h3>References</h3> <ul> <li><a href="https://www.whitehouse.gov/briefings-statements/statement-press-secretary-25/">Statement from the White House Press Secretary</a></li> <li><a href="https://www.bleepingcomputer.com/news/security/email-provider-shuts-down-petya-inbox-preventing-victims-from-recovering-files/">[1] Bleeping Computer: Email Provider Shuts Down Petya Inbox Preventing Victims From Recovering Files</a></li> <li><a href="http://doc.emergingthreats.net/2001569">[2] Emerging Threats 2001569</a></li> <li><a href="http://doc.emergingthreats.net/bin/view/Main/2012063">[3] Emerging Threats 2012063</a></li> <li><a href="http://docs.emergingthreats.net/bin/view/Main/2024297">[4] Emerging Threats 2024297</a></li> <li><a href="https://technet.microsoft.com/library/security/MS17-010">[5] Microsoft: Security Bulletin MS17-010</a></li> <li><a href="https://www.us-cert.gov/ncas/alerts/TA16-250A">[6] US-CERT: The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations</a></li> <li><a href="https://labsblog.f-secure.com/2017/06/30/eternal-petya-from-a-developers-perspective/">[7] F-Secure: (Eternal) Petya from a Developer’s Perspective</a></li> <li><a href="https://blogs.technet.microsoft.com/mmpc/2017/06/27/new-ransomware-old-techniques-petya-adds-worm-capabilities/">[8] Microsoft |TechNet: New ransomware, old techniques: Petya adds worm capabilities </a></li> <li><a href="https://www.us-cert.gov/ncas/alerts/TA16-091A">[9] US-CERT: Ransomware and Recent Variants </a></li> <li><a href="https://blogs.technet.microsoft.com/mmpc/2017/06/29/windows-10-platform-resilience-against-the-petya-ransomware-attack/">[10] Microsoft: Windows 10 platform resilience against the Petya ransomware attack</a></li> <li><a href="http://blog.talosintelligence.com/2017/06/worldwide-ransomware-variant.html">[11] Talos: New Ransomware Variant "Nyetya" Compromises Systems Worldwide</a></li> <li><a href="http://blog.talosintelligence.com/2017/07/the-medoc-connection.html">[12] Talos: The MeDoc Connection</a></li> <li><a href="https://www.dhs.gov/national-cybersecurity-and-communications-integration-center">[13] NCCIC is the parent organization of US-CERT</a></li> <li><a href="http://blog.talosintelligence.com/2017/06/worldwide-ransomware-variant.html">[14] New Ransomware Variant "Nyetya" Compromises Systems Worldwide</a></li> <li><a href="https://blogs.technet.microsoft.com/msrc/2017/06/28/update-on-petya-malware-attacks/">Microsoft: Update on Petya Malware attacks</a></li> <li><a href="https://technet.microsoft.com/en-us/library/cc771551(v=ws.11).aspx">Microsoft: Authorize WMI users and set permissions</a></li> <li><a href="https://technet.microsoft.com/en-us/library/cc731011(v=ws.11).aspx">Microsoft: Managing WMI Security</a></li> <li><a href="https://www.us-cert.gov/ncas/alerts/TA16-091A">US-CERT Alert TA16-091A</a></li> </ul> <h3>Revision History</h3> <ul> <li>July 1, 2017: Initial version</li> <li>July 3, 2017: Updated to include MIFR-10130295_stix.xml file. Substituted TA-17-181B_IOCs.csv for TA-17-181A_IOCs.csv.</li> <li>July 7, 2017: Included further guidance from Microsoft in the Reference Section</li> <li>July 28, 2017: Revised multiple sections based on additional analysis provided</li> <li>February 15, 2018: Added attribution of the NotPetya malware variant to the Russian military and link to White House press statement.</li> </ul> <hr /> <p>This product is provided subject to this <a href="http://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="http://www.us-cert.gov/privacy/">Privacy &amp; Use</a> policy.</p> <br />
    TA17-181A: Petya Ransomware
  • Tue, 13 Jun 2017 15:45:09 +0000 Original release date: June 13, 2017 | Last revised: August 23, 2017<br /> <h3>Systems Affected</h3> <p>Networked Systems</p> <h3>Overview</h3> <p>This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert provides technical details on the tools and infrastructure used by cyber actors of the North Korean government to target the media, aerospace, financial, and critical infrastructure sectors in the United States and globally. Working with U.S. Government partners, DHS and FBI identified Internet Protocol (IP) addresses associated with a malware variant, known as DeltaCharlie, used to manage North Korea’s distributed denial-of-service (DDoS) botnet infrastructure. This alert contains indicators of compromise (IOCs), malware descriptions, network signatures, and host-based rules to help network defenders detect activity conducted by the North Korean government. The U.S. Government refers to the malicious cyber activity by the North Korean government as HIDDEN COBRA. For more information related to HIDDEN COBRA activity, go to <a href="https://www.us-cert.gov/hiddencobra">https://www.us-cert.gov/hiddencobra</a>.</p><p>If users or administrators detect the custom tools indicative of HIDDEN COBRA, these tools should be immediately flagged, reported to the DHS National Cybersecurity Communications and Integration Center (NCCIC) or the FBI Cyber Watch (CyWatch), and given highest priority for enhanced mitigation. This alert identifies IP addresses linked to systems infected with DeltaCharlie malware and provides descriptions of the malware and associated malware signatures. DHS and FBI are distributing these IP addresses to enable network defense activities and reduce exposure to the DDoS command-and-control network. FBI has high confidence that HIDDEN COBRA actors are using the IP addresses for further network exploitation.</p><p>This alert includes technical indicators related to specific North Korean government cyber operations and provides suggested response actions to those indicators, recommended mitigation techniques, and information on reporting incidents to the U.S. Government.</p><p>For a downloadable copy of IOCs, see:</p><ul><li>IOCs (<a href="https://www.us-cert.gov/sites/default/files/publications/TA-17-164A_csv.csv">.csv</a>)</li><li>IOCs (<a href="https://www.us-cert.gov/sites/default/files/publications/TA-17-164A_stix.xml">.stix</a>)</li></ul><p>On August 23, 2017, DHS published a Malware Analysis Report (MAR-10132963) that examines malware functionality to provide detailed code analysis and insight into specific tactics, techniques, and procedures (TTPs) observed in the malware.</p><p>For a downloadable copy of the MAR, see:</p><ul><li>MAR (<a href="https://www.us-cert.gov/sites/default/files/publications/MAR-10132963.pdf">.pdf</a>)</li><li>MAR IOCs (<a href="https://www.us-cert.gov/sites/default/files/publications/MAR-10132963_stix.xml">.stix</a>)</li></ul> <h3>Description</h3> <p>Since 2009, HIDDEN COBRA actors have leveraged their capabilities to target and compromise a range of victims; some intrusions have resulted in the exfiltration of data while others have been disruptive in nature. Commercial reporting has referred to this activity as Lazarus Group<a href="https://exchange.xforce.ibmcloud.com/collection/Actor-Lazarus-Group-0bf5e50d24445f94d6b2d744dc6c63a2">[1]</a> and Guardians of Peace.<a href="https://www.alienvault.com/blogs/labs-research/operation-blockbuster-unveils-the-actors-behind-the-sony-attacks">[2]</a> DHS and FBI assess that HIDDEN COBRA actors will continue to use cyber operations to advance their government’s military and strategic objectives. Cyber analysts are encouraged to review the information provided in this alert to detect signs of malicious network activity.</p><p>Tools and capabilities used by HIDDEN COBRA actors include DDoS botnets, keyloggers, remote access tools (RATs), and wiper malware. Variants of malware and tools used by HIDDEN COBRA actors include Destover,<a href="https://www.symantec.com/connect/blogs/destover-destructive-malware-has-links-attacks-south-korea">[3]</a> Wild Positron/Duuzer,<a href="https://www.symantec.com/connect/blogs/duuzer-back-door-trojan-targets-south-korea-take-over-computers">[4]</a> and Hangman.<a href="https://www.fireeye.com/blog/threat-research/2015/09/zero-day_hwp_exploit.html">[5]</a> DHS has previously released Alert TA14-353A,<a href="https://www.us-cert.gov/ncas/alerts/TA14-353A">[6]</a> which contains additional details on the use of a server message block (SMB) worm tool employed by these actors. Further research is needed to understand the full breadth of this group’s cyber capabilities. In particular, DHS recommends that more research should be conducted on the North Korean cyber activity that has been reported by cybersecurity and threat research firms.</p><p>HIDDEN COBRA actors commonly target systems running older, unsupported versions of Microsoft operating systems. The multiple vulnerabilities in these older systems provide cyber actors many targets for exploitation. These actors have also used Adobe Flash player vulnerabilities to gain initial entry into users’ environments.</p><p>HIDDEN COBRA is known to use vulnerabilities affecting various applications. These vulnerabilities include:</p><ul><li>CVE-2015-6585: Hangul Word Processor Vulnerability</li><li>CVE-2015-8651: Adobe Flash Player 18.0.0.324 and 19.x Vulnerability</li><li>CVE-2016-0034: Microsoft Silverlight 5.1.41212.0 Vulnerability</li><li>CVE-2016-1019: Adobe Flash Player 21.0.0.197 Vulnerability</li><li>CVE-2016-4117: Adobe Flash Player 21.0.0.226 Vulnerability</li></ul><p>DHS recommends that organizations upgrade these applications to the latest version and patch level. If Adobe Flash or Microsoft Silverlight is no longer required, DHS recommends that those applications be removed from systems.</p><p>The IOCs provided with this alert include IP addresses determined to be part of the HIDDEN COBRA botnet infrastructure, identified as DeltaCharlie. The DeltaCharlie DDoS bot was originally reported by Novetta in their 2016 Operation Blockbuster Malware Report.<a href="https://www.operationblockbuster.com/wp-content/uploads/2016/02/Operation-Blockbuster-Destructive-Malware-Report.pdf">[7]</a> This malware has used the IP addresses identified in the accompanying .csv and .stix files as both source and destination IPs. In some instances, the malware may have been present on victims’ networks for a significant period.</p><p><strong><em>Technical Details</em></strong></p><p>DeltaCharlie is a DDoS tool used by HIDDEN COBRA actors, and is referenced and detailed in Novetta’s Operation Blockbuster Destructive Malware report. The information related to DeltaCharlie from the Operation Blockbuster Destructive Malware report should be viewed in conjunction with the IP addresses listed in the .csv and .stix files provided within this alert. DeltaCharlie is a DDoS tool capable of launching Domain Name System (DNS) attacks, Network Time Protocol (NTP) attacks, and Carrier Grade NAT (CGN) attacks. The malware operates on victims’ systems as a svchost-based service and is capable of downloading executables, changing its own configuration, updating its own binaries, terminating its own processes, and activating and terminating denial-of-service attacks. Further details on the malware can be found in Novetta’s report available at the following URL:</p><p><a href="https://www.operationblockbuster.com/wp-content/uploads/2016/02/Operation-Blockbuster-Destructive-Malware-Report.pdf">https://www.operationblockbuster.com/wp-content/uploads/2016/02/Operation-Blockbuster-Destructive-Malware-Report.pdf</a></p><p><strong><em>Detection and Response</em></strong></p><p>HIDDEN COBRA IOCs related to DeltaCharlie are provided within the accompanying .csv and .stix files of this alert. DHS and FBI recommend that network administrators review the IP addresses, file hashes, network signatures, and YARA rules provided, and add the IPs to their watchlist to determine whether malicious activity has been observed within their organization.</p><p>When reviewing network perimeter logs for the IP addresses, organizations may find numerous instances of these IP addresses attempting to connect to their systems. Upon reviewing the traffic from these IP addresses, system owners may find that some traffic corresponds to malicious activity and some to legitimate activity. System owners are also advised to run the YARA tool on any system they suspect to have been targeted by HIDDEN COBRA actors. Additionally, the appendices of this report provide network signatures to aid in the detection and mitigation of HIDDEN COBRA activity.</p><p><strong><em>Network Signatures and Host-Based Rules</em></strong></p><p>This section contains network signatures and host-based rules that can be used to detect malicious activity associated with HIDDEN COBRA actors. Although created using a comprehensive vetting process, the possibility of false positives always remains. These signatures and rules should be used to supplement analysis and should not be used as a sole source of attributing this activity to HIDDEN COBRA actors.</p><p><strong><em>Network Signatures</em></strong></p><p>alert tcp any any -&gt; any any (msg:"DPRK_HIDDEN_COBRA_DDoS_HANDSHAKE_SUCCESS"; dsize:6; flow:established,to_server; content:"|18 17 e9 e9 e9 e9|"; fast_pattern:only; sid:1; rev:1;)</p><p>________________________________________________________________</p><p>alert tcp any any -&gt; any any (msg:"DPRK_HIDDEN_COBRA_Botnet_C2_Host_Beacon"; flow:established,to_server; content:"|1b 17 e9 e9 e9 e9|"; depth:6; fast_pattern; sid:1; rev:1;)</p><p>________________________________________________________________</p><p><strong><em>YARA Rules</em></strong></p><p>{</p><p>meta:</p><p>description = “RSA Key”</p><p>strings:</p><p>$rsaKey = {7B 4E 1E A7 E9 3F 36 4C DE F4 F0 99 C4 D9 B7 94</p><p>A1 FF F2 97 D3 91 13 9D C0 12 02 E4 4C BB 6C 77</p><p>48 EE 6F 4B 9B 53 60 98 45 A5 28 65 8A 0B F8 39</p><p>73 D7 1A 44 13 B3 6A BB 61 44 AF 31 47 E7 87 C2</p><p>AE 7A A7 2C 3A D9 5C 2E 42 1A A6 78 FE 2C AD ED</p><p>39 3F FA D0 AD 3D D9 C5 3D 28 EF 3D 67 B1 E0 68</p><p>3F 58 A0 19 27 CC 27 C9 E8 D8 1E 7E EE 91 DD 13</p><p>B3 47 EF 57 1A CA FF 9A 60 E0 64 08 AA E2 92 D0}</p><p>condition:</p><p>any of them</p><p>}</p><p>________________________________________________________________</p><p>{</p><p>meta:</p><p>description = “DDoS Misspelled Strings”</p><p>strings:</p><p>$STR1 = "Wating" wide ascii</p><p>$STR2 = "Reamin" wide ascii</p><p>$STR3 = "laptos" wide ascii</p><p>condition:</p><p>(uint16(0) == 0x5A4D or uint16(0) == 0xCFD0 or uint16(0) == 0xC3D4 or uint32(0) == 0x46445025 or uint32(1) == 0x6674725C) and 2 of them</p><p>}</p><p>________________________________________________________________</p><p>{</p><p>meta:</p><p>description = “DDoS Random URL Builder”</p><p>strings:</p><p>$randomUrlBuilder = { 83 EC 48 53 55 56 57 8B 3D ?? ?? ?? ?? 33 C0 C7 44 24 28 B4 6F 41 00 C7 44 24 2C B0 6F 41 00 C7 44 24 30 AC 6F 41 00 C7 44 24 34 A8 6F 41 00 C7 44 24 38 A4 6F 41 00 C7 44 24 3C A0 6F 41 00 C7 44 24 40 9C 6F 41 00 C7 44 24 44 94 6F 41 00 C7 44 24 48 8C 6F 41 00 C7 44 24 4C 88 6F 41 00 C7 44 24 50 80 6F 41 00 89 44 24 54 C7 44 24 10 7C 6F 41 00 C7 44 24 14 78 6F 41 00 C7 44 24 18 74 6F 41 00 C7 44 24 1C 70 6F 41 00 C7 44 24 20 6C 6F 41 00 89 44 24 24 FF D7 99 B9 0B 00 00 00 F7 F9 8B 74 94 28 BA 9C 6F 41 00 66 8B 06 66 3B 02 74 34 8B FE 83 C9 FF 33 C0 8B 54 24 60 F2 AE 8B 6C 24 5C A1 ?? ?? ?? ?? F7 D1 49 89 45 00 8B FE 33 C0 8D 5C 11 05 83 C9 FF 03 DD F2 AE F7 D1 49 8B FE 8B D1 EB 78 FF D7 99 B9 05 00 00 00 8B 6C 24 5C F7 F9 83 C9 FF 33 C0 8B 74 94 10 8B 54 24 60 8B FE F2 AE F7 D1 49 BF 60 6F 41 00 8B D9 83 C9 FF F2 AE F7 D1 8B C2 49 03 C3 8B FE 8D 5C 01 05 8B 0D ?? ?? ?? ?? 89 4D 00 83 C9 FF 33 C0 03 DD F2 AE F7 D1 49 8D 7C 2A 05 8B D1 C1 E9 02 F3 A5 8B CA 83 E1 03 F3 A4 BF 60 6F 41 00 83 C9 FF F2 AE F7 D1 49 BE 60 6F 41 00 8B D1 8B FE 83 C9 FF 33 C0 F2 AE F7 D1 49 8B FB 2B F9 8B CA 8B C1 C1 E9 02 F3 A5 8B C8 83 E1 03 F3 A4 8B 7C 24 60 8D 75 04 57 56 E8 ?? ?? ?? ?? 83 C4 08 C6 04 3E 2E 8B C5 C6 03 00 5F 5E 5D 5B 83 C4 48 C3 }</p><p>condition:</p><p>$randomUrlBuilder</p><div><div id="ftn1"><div><div id="ftn1"><p>}</p><p>________________________________________________________________</p></div><div id="ftn2"> </div></div></div></div> <h3>Impact</h3> <p>A successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include:</p><ul><li>temporary or permanent loss of sensitive or proprietary information,</li><li>disruption to regular operations,</li><li>financial losses incurred to restore systems and files, and</li><li>potential harm to an organization’s reputation.</li></ul> <h3>Solution</h3> <p><strong><em>Mitigation Strategies</em></strong></p><p>Network administrators are encouraged to apply the following recommendations, which can prevent as many as 85 percent of targeted cyber intrusions. The mitigation strategies provided may seem like common sense. However, many organizations fail to use these basic security measures, leaving their systems open to compromise:</p><ol><li><strong>Patch applications and operating systems</strong> – Most attackers target vulnerable applications and operating systems. Ensuring that applications and operating systems are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker. Use best practices when updating software and patches by only downloading updates from authenticated vendor sites.</li><li><strong>Use application whitelisting</strong> – Whitelisting is one of the best security strategies because it allows only specified programs to run while blocking all others, including malicious software.</li><li><strong>Restrict administrative privileges</strong> – Threat actors are increasingly focused on gaining control of legitimate credentials, especially credentials associated with highly privileged accounts. Reduce privileges to only those needed for a user’s duties. Separate administrators into privilege tiers with limited access to other tiers.</li><li><strong>Segment networks and segregate them into security zones</strong> – Segment networks into logical enclaves and restrict host-to-host communications paths. This helps protect sensitive information and critical services, and limits damage from network perimeter breaches.</li><li><strong>Validate input</strong> – Input validation is a method of sanitizing untrusted input provided by users of a web application. Implementing input validation can protect against the security flaws of web applications by significantly reducing the probability of successful exploitation. Types of attacks possibly averted include Structured Query Language (SQL) injection, cross-site scripting, and command injection.</li><li><strong>Use stringent file reputation settings</strong> – Tune the file reputation systems of your anti-virus software to the most aggressive setting possible. Some anti-virus products can limit execution to only the highest reputation files, stopping a wide range of untrustworthy code from gaining control.</li><li><strong>Understand firewalls</strong> – Firewalls provide security to make your network less susceptible to attack. They can be configured to block data and applications from certain locations (IP whitelisting), while allowing relevant and necessary data through.</li></ol><p><strong><em>Response to Unauthorized Network Access</em></strong></p><p><strong>Enforce your security incident response and business continuity plan.</strong> It may take time for your organization’s IT professionals to isolate and remove threats to your systems and restore normal operations. Meanwhile, you should take steps to maintain your organization’s essential functions according to your business continuity plan. Organizations should maintain and regularly test backup plans, disaster recovery plans, and business continuity procedures.</p><p><strong>Contact DHS or your local FBI office immediately.</strong> To report an intrusion and request resources for incident response or technical assistance, you are encouraged to contact DHS NCCIC (NCCICCustomerService@hq.dhs.gov or 888-282-0870), the FBI through a local field office, or the FBI’s Cyber Division (CyWatch@fbi.gov or 855-292-3937).</p><p><strong><em>Protect Against SQL Injection and Other Attacks on Web Services</em></strong></p><p>To protect against code injections and other attacks, system operators should routinely evaluate known and published vulnerabilities, periodically perform software updates and technology refreshes, and audit external-facing systems for known web application vulnerabilities. They should also take the following steps to harden both web applications and the servers hosting them to reduce the risk of network intrusion via this vector.</p><ul><li>Use and configure available firewalls to block attacks.</li><li>Take steps to secure Windows systems, such as installing and configuring Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) and Microsoft AppLocker.</li><li>Monitor and remove any unauthorized code present in any www directories.</li><li>Disable, discontinue, or disallow the use of Internet Control Message Protocol (ICMP) and Simple Network Management Protocol (SNMP) as much as possible.</li><li>Remove unnecessary HTTP verbs from web servers. Typical web servers and applications only require GET, POST, and HEAD.</li><li>Where possible, minimize server fingerprinting by configuring web servers to avoid responding with banners identifying the server software and version number.</li><li>Secure both the operating system and the application.</li><li>Update and patch production servers regularly.</li><li>Disable potentially harmful SQL-stored procedure calls.</li><li>Sanitize and validate input to ensure that it is properly typed and does not contain escaped code.</li><li>Consider using type-safe stored procedures and prepared statements.</li><li>Audit transaction logs regularly for suspicious activity.</li><li>Perform penetration testing on web services.</li><li>Ensure error messages are generic and do not expose too much information.</li></ul><p><strong><em>Permissions, Privileges, and Access Controls</em></strong></p><p>System operators should take the following steps to limit permissions, privileges, and access controls.</p><ul><li>Reduce privileges to only those needed for a user’s duties.</li><li>Restrict users’ ability (permissions) to install and run unwanted software applications, and apply the principle of “Least Privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through the network.</li><li>Carefully consider the risks before granting administrative rights to users on their own machines.</li><li>Scrub and verify all administrator accounts regularly.</li><li>Configure Group Policy to restrict all users to only one login session, where possible.</li><li>Enforce secure network authentication, where possible.</li><li>Instruct administrators to use non-privileged accounts for standard functions such as web browsing or checking webmail.</li><li>Segment networks into logical enclaves and restrict host-to-host communication paths. Containment provided by enclaving also makes incident cleanup significantly less costly.</li><li>Configure firewalls to disallow Remote Desktop Protocol (RDP) traffic coming from outside of the network boundary, except for in specific configurations such as when tunneled through a secondary virtual private network (VPN) with lower privileges.</li><li>Audit existing firewall rules and close all ports that are not explicitly needed for business. Specifically, carefully consider which ports should be connecting outbound versus inbound.</li><li>Enforce a strict lockout policy for network users and closely monitor logs for failed login activity. Failed login activity can be indicative of failed intrusion activity.</li><li>If remote access between zones is an unavoidable business need, log and monitor these connections closely.</li><li>In environments with a high risk of interception or intrusion, organizations should consider supplementing password authentication with other forms of authentication such as challenge/response or multifactor authentication using biometric or physical tokens.</li></ul><p><strong><em>Logging Practices</em></strong></p><p>System operators should follow these secure logging practices.</p><ul><li>Ensure event logging, including applications, events, login activities, and security attributes, is turned on or monitored for identification of security issues.</li><li>Configure network logs to provide adequate information to assist in quickly developing an accurate determination of a security incident.</li><li>Upgrade PowerShell to new versions with enhanced logging features and monitor the logs to detect usage of PowerShell commands, which are often malware-related.</li><li>Secure logs in a centralized location and protect them from modification.</li><li>Prepare an incident response plan that can be rapidly administered in case of a cyber intrusion.</li></ul> <h3>References</h3> <ul> <li><a href="https://exchange.xforce.ibmcloud.com/collection/Actor-Lazarus-Group-0bf5e50d24445f94d6b2d744dc6c63a2">[1] IBM. Actor Lazarus Group – Blog Post by IBM X-Force Exchange.</a></li> <li><a href="https://www.alienvault.com/blogs/labs-research/operation-blockbuster-unveils-the-actors-behind-the-sony-attacks">[2] AlienVault. Operation Blockbuster Unveils the Actors Behind the Sony Attacks.</a></li> <li><a href="https://www.symantec.com/connect/blogs/destover-destructive-malware-has-links-attacks-south-korea">[3] Symantec. Destover: Destructive Malware has links back to attacks on South Korea.</a></li> <li><a href="https://www.symantec.com/connect/blogs/duuzer-back-door-trojan-targets-south-korea-take-over-computers">[4] Symantec. Duuzer back door Trojan targets South Korea to take over computers.</a></li> <li><a href="https://www.fireeye.com/blog/threat-research/2015/09/zero-day_hwp_exploit.html">[5] FireEye. Zero-Day HWP Exploit.</a></li> <li><a href="https://www.us-cert.gov/ncas/alerts/TA14-353A">[6] US-CERT. Alert (TA14-353A) Targeted Destructive Malware. Original Release Date: 12/19/2014 | Last revised: 9/30/2016</a></li> <li><a href="https://www.operationblockbuster.com/wp-content/uploads/2016/02/Operation-Blockbuster-Destructive-Malware-Report.pdf">[7] Novetta. Operation Blockbuster Destructive Malware Report.</a></li> </ul> <h3>Revision History</h3> <ul> <li>June 13, 2017: Initial Release</li> <li>August 23, 2017: Updated YARA Rules and included MAR-10132963 (.pdf and .stix files)</li> </ul> <hr /> <p>This product is provided subject to this <a href="http://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="http://www.us-cert.gov/privacy/">Privacy &amp; Use</a> policy.</p> <br />
    TA17-164A: HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure
  • Mon, 12 Jun 2017 21:44:47 +0000 Original release date: June 12, 2017 | Last revised: July 27, 2017<br /> <h3>Systems Affected</h3> <p>Industrial Control Systems</p> <h3>Overview</h3> <p>The National Cybersecurity and Communications Integration Center (NCCIC) is aware of public reports from ESET and Dragos outlining a new, highly capable Industrial Controls Systems (ICS) attack platform that was reportedly used in 2016 against critical infrastructure in Ukraine. As reported by <a href="https://www.welivesecurity.com/wp-content/uploads/2017/06/Win32_Industroyer.pdf">ESET</a> and <a href="https://www.dragos.com/blog/crashoverride/">Dragos</a>, the CrashOverride malware is an extensible platform that could be used to target critical infrastructure sectors. NCCIC is working with its partners to validate the ESET and Dragos analysis, and develop a better understanding of the risk this new malware poses to U.S. critical infrastructure.</p><p>Although this activity is still under investigation, NCCIC is sharing this report to provide organizations with detection and mitigation recommendations to help prevent future compromises within their critical infrastructure networks. NCCIC continues to work with interagency and international partners on this activity and will provide updates as information becomes available.</p><p>For a downloadable copy of indicators of compromise (IOCs), see:</p><ul><li>IOCs (<a href="https://www.us-cert.gov/sites/default/files/publications/TA-17-163A_IOCs.csv">.csv</a>)</li><li>IOCs (<a href="https://www.us-cert.gov/sites/default/files/publications/TA-17-163A_IOCs.stix.XML">.stix</a>)</li></ul><p>To report activity related to this Alert, please contact NCCIC at <a href="https://www.us-cert.govmailto:NCCICCustomerService@hq.dhs.gov">NCCICCustomerService@hq.dhs.gov</a> or 1-888-282-0870.</p><h4>Risk Evaluation</h4><table border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;"><tbody><tr><td>NCCIC Cyber Incident Scoring System (NCISS) Rating Priority Level (Color)</td></tr><tr><td>Yellow (Medium)</td></tr><tr><td>A medium priority incident may affect public health or safety, national security, economic security, foreign relations, civil liberties, or public confidence.</td></tr></tbody></table><h4>Details</h4><p>There is no evidence to suggest this malware has affected U.S. critical infrastructure. However, the tactics, techniques, and procedures (TTPs) described as part of the CrashOverride malware could be modified to target U.S. critical information networks and systems.</p> <h3>Description</h3> <h4>Technical Analysis</h4><p>CrashOverride malware represents a scalable, capable platform. The modules and capabilities publically reported appear to focus on organizations using ICS protocols IEC101, IEC104, and IEC61850, which are more commonly used outside the United States in electric power control systems. The platform fundamentally abuses the functionality of a targeted ICS system’s legitimate control system to achieve its intended effect. While the known capabilities do not appear to be U.S.-focused, it is important to recognize that the general TTPs used in CrashOverride could be leveraged with modified technical implementations to affect U.S.-based critical infrastructure. With further modification, CrashOverride or similar malware could have implications beyond electric power so all critical infrastructure organizations should be evaluating their systems to susceptibilities in the TTPs outlined. The malware has several reported capabilities:</p><ol><li>Issues valid commands directly to remote terminal units (RTUs) over ICS protocols. As reported by Dragos, one such command sequence toggles circuit breakers in a rapid open-close-open-close pattern. This could create conditions where individual utilities may island from infected parties, potentially resulting in a degradation of grid reliability.</li><li>Denies service to local serial COM ports on windows devices, therefore preventing legitimate communications with field equipment over serial from the affected device.</li><li>Scans and maps ICS environment using a variety of protocols, including Open Platform Communications (OPC). This significantly improves the payload’s probability of success.</li><li>Could exploit Siemens relay denial-of-service (DoS) vulnerability, leading to a shutdown of the relay. In this instance, the relay would need to be manually reset to restore functionality.</li><li>Includes a wiper module in the platform that renders windows systems inert, requiring a rebuild or backup restoration.</li></ol><h4>Detection</h4><p>As CrashOverride is a second stage malware capability and has the ability to operate independent of initial C2, traditional methods of detection may not be sufficient to detect infections prior to the malware executing. As a result, organizations are encouraged to implement behavioral analysis techniques to attempt to identify precursor activity to CrashOverride. As additional information becomes available on stage one infection vectors and TTPs, this alert will be updated.</p><p>NCCIC is providing a compilation of IOCs (see links above) from a variety of sources to aid in the detection of this malware. The sources provided do not constitute an exhaustive list and the U.S. Government does not endorse or support any particular product or vendor’s information referenced in this report. However, NCCIC has included this data to ensure wide distribution of the most comprehensive information available and will provide updates as warranted.</p><h5>Signatures</h5><p><code>import “pe”<br />import “hash”</code></p><p><code>rule dragos_crashoverride_exporting_dlls<br />{<br />meta:<br />description = “CRASHOVERRIDE v1 Suspicious Export”<br />author = “Dragos Inc”<br />condition:<br />pe.exports(“Crash”) &amp; pe.characteristics<br />}</code></p><p><code>rule dragos_crashoverride_suspcious<br />{<br />meta:<br />description = “CRASHOVERRIDE v1 Wiper”<br />author = “Dragos Inc”<br />strings:<br />$s0 = “SYS_BASCON.COM” fullword nocase wide<br />$s1 = “.pcmp” fullword nocase wide<br />$s2 = “.pcmi” fullword nocase wide<br />$s3 = “.pcmt” fullword nocase wide<br />$s4 = “.cin” fullword nocase wide<br />condition:<br />pe.exports(“Crash”) and any of ($s*)<br />}</code></p><p><code>rule dragos_crashoverride_name_search {<br />meta:<br />description = “CRASHOVERRIDE v1 Suspicious Strings and Export”<br />author = “Dragos Inc”<br />strings:<br />$s0 = “101.dll” fullword nocase wide<br />$s1 = “Crash101.dll” fullword nocase wide<br />$s2 = “104.dll” fullword nocase wide<br />$s3 = “Crash104.dll” fullword nocase wide<br />$s4 = “61850.dll” fullword nocase wide<br />$s5 = “Crash61850.dll” fullword nocase wide<br />$s6 = “OPCClientDemo.dll” fullword nocase wide<br />$s7 = “OPC” fullword nocase wide<br />$s8 = “CrashOPCClientDemo.dll” fullword nocase wide<br />$s9 = “D2MultiCommService.exe” fullword nocase wide<br />$s10 = “CrashD2MultiCommService.exe” fullword nocase wide<br />$s11 = “61850.exe” fullword nocase wide<br />$s12 = “OPC.exe” fullword nocase wide<br />$s13 = “haslo.exe” fullword nocase wide<br />$s14 = “haslo.dat” fullword nocase wide<br />condition:<br />any of ($s*) and pe.exports(“Crash”)<br />}</code></p><p><code>rule dragos_crashoverride_hashes {<br />meta:<br />description = “CRASHOVERRIDE Malware Hashes”<br />author = “Dragos Inc”</code></p><p><code>condition:<br />filesize &lt; 1MB and<br />hash.sha1(0, filesize) == “f6c21f8189ced6ae150f9ef2e82a3a57843b587d” or<br />hash.sha1(0, filesize) == “cccce62996d578b984984426a024d9b250237533” or<br />hash.sha1(0, filesize) == “8e39eca1e48240c01ee570631ae8f0c9a9637187” or<br />hash.sha1(0, filesize) == “2cb8230281b86fa944d3043ae906016c8b5984d9” or<br />hash.sha1(0, filesize) == “79ca89711cdaedb16b0ccccfdcfbd6aa7e57120a” or<br />hash.sha1(0, filesize) == “94488f214b165512d2fc0438a581f5c9e3bd4d4c” or<br />hash.sha1(0, filesize) == “5a5fafbc3fec8d36fd57b075ebf34119ba3bff04” or<br />hash.sha1(0, filesize) == “b92149f046f00bb69de329b8457d32c24726ee00” or<br />hash.sha1(0, filesize) == “b335163e6eb854df5e08e85026b2c3518891eda8”<br />}</code></p><p><code>rule dragos_crashoverride_moduleStrings {<br />meta:<br />description = “IEC-104 Interaction Module Program Strings”<br />author = “Dragos Inc”<br />strings:<br />$s1 = “IEC-104 client: ip=%s; port=%s; ASDU=%u” nocase wide ascii<br />$s2 = “ MSTR -&gt;&gt; SLV” nocase wide ascii<br />$s3 = “ MSTR &lt;&lt;- SLV” nocase wide ascii<br />$s4 = “Unknown APDU format !!!” nocase wide ascii<br />$s5 = “iec104.log” nocase wide ascii<br />condition:<br />any of ($s*)<br />}</code></p><p><code>rule dragos_crashoverride_configReader<br />{<br />meta:<br />description = “CRASHOVERRIDE v1 Config File Parsing”<br />author = “Dragos Inc”<br />strings:<br />$s0 = { 68 e8 ?? ?? ?? 6a 00 e8 a3 ?? ?? ?? 8b f8 83 c4 ?8 }<br />$s1 = { 8a 10 3a 11 75 ?? 84 d2 74 12 }<br />$s2 = { 33 c0 eb ?? 1b c0 83 c8 ?? }<br />$s3 = { 85 c0 75 ?? 8d 95 ?? ?? ?? ?? 8b cf ?? ?? }<br />condition:<br />all of them<br />}</code></p><p><br /><code>rule dragos_crashoverride_configReader<br />{<br />meta:<br />description = “CRASHOVERRIDE v1 Config File Parsing”<br />author = “Dragos Inc”<br />strings:<br />$s0 = { 68 e8 ?? ?? ?? 6a 00 e8 a3 ?? ?? ?? 8b f8 83 c4 ?8 }<br />$s1 = { 8a 10 3a 11 75 ?? 84 d2 74 12 }<br />$s2 = { 33 c0 eb ?? 1b c0 83 c8 ?? }<br />$s3 = { 85 c0 75 ?? 8d 95 ?? ?? ?? ?? 8b cf ?? ?? }<br />condition:<br />all of them<br />}</code></p><p><code>rule dragos_crashoverride_weirdMutex<br />{<br />meta:<br />description = “Blank mutex creation assoicated with CRASHOVERRIDE”<br />author = “Dragos Inc”<br />strings:<br />$s1 = { 81 ec 08 02 00 00 57 33 ff 57 57 57 ff 15 ?? ?? 40 00 a3 ?? ?? ?? 00 85 c0 }<br />$s2 = { 8d 85 ?? ?? ?? ff 50 57 57 6a 2e 57 ff 15 ?? ?? ?? 00 68 ?? ?? 40 00}<br />condition:<br />all of them<br />}</code></p><p><code>rule dragos_crashoverride_serviceStomper<br />{<br />meta:<br />description = “Identify service hollowing and persistence setting”<br />author = “Dragos Inc”<br />strings:<br />$s0 = { 33 c9 51 51 51 51 51 51 ?? ?? ?? }<br />$s1 = { 6a ff 6a ff 6a ff 50 ff 15 24 ?? 40 00 ff ?? ?? ff 15 20 ?? 40 00 }<br />condition:<br />all of them<br />}</code></p><p><code>rule dragos_crashoverride_wiperModuleRegistry<br />{<br />meta:<br />description = “Registry Wiper functionality assoicated with CRASHOVERRIDE”<br />author = “Dragos Inc”<br />strings:<br />$s0 = { 8d 85 a0 ?? ?? ?? 46 50 8d 85 a0 ?? ?? ?? 68 68 0d ?? ?? 50 }<br />$s1 = { 6a 02 68 78 0b ?? ?? 6a 02 50 68 b4 0d ?? ?? ff b5 98 ?? ?? ?? ff 15 04 ?? ?? ?? }<br />$s2 = { 68 00 02 00 00 8d 85 a0 ?? ?? ?? 50 56 ff b5 9c ?? ?? ?? ff 15 00 ?? ?? ?? 85 c0 }<br />condition:<br />all of them<br />}</code></p><p><code>rule dragos_crashoverride_wiperFileManipulation<br />{<br />meta:<br />description = “File manipulation actions associated with CRASHOVERRIDE wip¬er”<br />author = “Dragos Inc”<br />strings:<br />$s0 = { 6a 00 68 80 00 00 00 6a 03 6a 00 6a 02 8b f9 68 00 00 00 40 57 ff 15 1c ?? ?? ?? 8b d8 }<br />$s2 = { 6a 00 50 57 56 53 ff 15 4c ?? ?? ?? 56 }<br />condition:<br />all of them<br />}</code></p> <h3>Impact</h3> <p>A successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include:</p><ul><li>temporary or permanent loss of sensitive or proprietary information,</li><li>disruption to regular operations,</li><li>financial losses incurred to restore systems and files, and</li><li>potential harm to an organization’s reputation.<br /> </li></ul> <h3>Solution</h3> <p>Properly implemented defensive techniques and common cyber hygiene practices increase the complexity of barriers that adversaries must overcome to gain unauthorized access to critical information networks and systems. In addition, detection and prevention mechanisms can expose malicious network activity, enabling organizations to contain and respond to intrusions more rapidly. There is no set of defensive techniques or programs that will completely avert all attacks however, layered cybersecurity defenses will aid in reducing an organization’s attack surface and will increase the likelihood of detection. This layered mitigation approach is known as defense-in-depth.<br />NCCIC has based its mitigations and recommendations on its analysis of the public reporting of this malware and will be provide updates as more information becomes available.<br />Critical infrastructure companies should ensure that they are following best practices, which are outlined in the <a href="http://ics-cert.us-cert.gov/sites/default/files/documents/Seven Steps to Effectively Defend Industrial Control Systems_S508C.pdf">Seven Steps to Effectively Defend Industrial Control Systems</a> document produced jointly by DHS, NSA, and FBI.</p><h4>Application Whitelisting</h4><p>Application whitelisting (AWL) can detect and prevent attempted execution of malware uploaded by adversaries. Application whitelisting hardens operating systems and prevents the execution of unauthorized software. The static nature of some systems, such as database servers and human-machine interface (HMI) computers make these ideal candidates to run AWL. NCCIC encourages operators to work with their vendors to baseline and calibrate AWL deployments.<br />Operators may choose to implement directory whitelisting rather than trying to list every possible permutation of applications in an environment. Operators may implement application or application directory whitelisting through Microsoft Software Restriction Policy (SRP), AppLocker, or similar application whitelisting software. Safe defaults allow applications to run from PROGRAMFILES, PROGRAMFILES(X86), SYSTEM32, and any ICS software folders. All other locations should be disallowed unless an exception is granted.</p><h4>Manage Authentication and Authorization</h4><p>This malware exploits the lack of authentication and authorization in common ICS protocols to issue unauthorized commands to field devices. Asset owners/operators should implement authentication and authorization protocols to ensure field devices verify the authenticity of commands before they are actioned. In some instances, legacy hardware may not be capable of implementing these protections. In these cases, asset owners can either leverage ICS firewalls to do stateful inspection and authentication of commands, or upgrade their control field devices.</p><p>Adversaries are increasingly focused on gaining control of legitimate credentials, especially those associated with highly privileged accounts. Compromising these credentials allows adversaries to masquerade as legitimate users, leaving less evidence of compromise than more traditional attack options (i.e., exploiting vulnerabilities or uploading malware). For this reason, operators should implement multi-factor authentication where possible and reduce privileges to only those needed for a user’s duties. If passwords are necessary, operators should implement secure password policies, stressing length over complexity. For all accounts, including system and non-interactive accounts, operators should ensure credentials are unique, and changed, at a minimum, every 90 days.</p><p>NCCIC also recommends that operators require separate credentials for corporate and control network zones and store them in separate trust stores. Operators should never share Active Directory, RSA ACE servers, or other trust stores between corporate and control networks. Specifically, operators should:</p><ul><li>Decrease a threat actor’s ability to access key network resources by implementing the principle of least privilege;</li><li>Limit the ability of a local administrator account to login from a local interactive session (e.g., “Deny access to this computer from the network”) and prevent access via a remote desktop protocol session;</li><li>Remove unnecessary accounts, groups, and restrict root access;</li><li>Control and limit local administration; and</li><li>Make use of the Protected Users Active Directory group in Windows Domains to further secure privileged user accounts against pass-the-hash attacks.</li></ul><h4>Handling Destructive Malware</h4><p>Destructive malware continues to be a threat to both critical infrastructure and business systems. NCCIC encourages organizations to review the <a href="https://ics-cert.us-cert.gov/sites/default/files/documents/Destructive_Malware_White_Paper_S508C.pdf">ICS-CERT destructive malware white paper</a> for detailed mitigation guidance. It is important for organizations to maintain backups of key data, systems, and configurations such as:</p><ul><li>Server gold images,</li><li>ICS Workstation gold configurations,</li><li>Engineering workstation images,</li><li>PLC/RTU configurations,</li><li>Passwords and configuration information, and</li><li>Offline copies of install media for operating systems and control applications.</li></ul><h4>Ensure Proper Configuration/Patch Management</h4><p>Adversaries often target unpatched systems. A configuration/patch management program centered on the safe importation and implementation of trusted patches will help render control systems more secure.</p><p>Such a program will start with an accurate baseline and asset inventory to track what patches are needed. The program will prioritize patching and configuration management of “PC-architecture” machines used in HMI, database server, and engineering workstation roles, as current adversaries have significant cyber capabilities against these systems. Infected laptops are a significant malware vector. Such a program will limit the connection of external laptops to the control network and ideally supply vendors with known-good company laptops. The program will also encourage initial installation of any updates onto a test system that includes malware detection features before the updates are installed on operational systems.</p><p>NCCIC recommends that operators:</p><ul><li>Use best practices when downloading software and patches destined for their control network;</li><li>Take measures to avoid watering hole attacks;</li><li>Use a web Domain Name System (DNS) reputation system;</li><li>Obtain and apply updates from authenticated vendor sites;</li><li>Validate the authenticity of downloads;</li><li>Insist that vendors digitally sign updates, and/or publish hashes via an out-of-bound communications path, and only use this path to authenticate;</li><li>Never load updates from unverified sources; and</li><li>Reduce your attack surface area.</li></ul><p>To the greatest extent possible, NCCIC recommends that operators:</p><ul><li>Isolate ICS networks from any untrusted networks, especially the Internet;</li><li>Lock down all unused ports;</li><li>Turn off all unused services; and</li><li>Only allow real-time connectivity to external networks if there is a defined business requirement or control function.<ul><li>If one-way communication can accomplish a task, operators should use optical separation (“data diode”).</li><li>If bidirectional communication is necessary, operators should use a single open port over a restricted network path.</li></ul></li></ul><h4>Build a Defendable Environment</h4><p>Building a defendable environment will help limit the impact from network perimeter breaches. NCCIC recommends operators segment networks into logical enclaves and restrict host-to-host communications paths. This can prevent adversaries from expanding their access, while allowing the normal system communications to continue operating. Enclaving limits possible damage, as threat actors cannot use compromised systems to reach and contaminate systems in other enclaves. Containment provided by enclaving also makes incident cleanup significantly less costly.</p><p>If one-way data transfer from a secure zone to a less secure zone is required, operators should consider using approved removable media instead of a network connection. If real-time data transfer is required, operators should consider using optical separation technologies. This allows replication of data without placing the control system at risk.</p><p>Additional details on effective strategies for building a defendable ICS network can be found in the <a href="http://ics-cert.us-cert.gov/Abstract-Defense-Depth-RP">ICS-CERT Defense-in-Depth Recommended Practice</a>.</p><h4>Implement Secure Remote Access</h4><p>Some adversaries are effective at gaining remote access into control systems, finding obscure access vectors, even “hidden back doors” intentionally created by system operators. Operators should remove such accesses wherever possible, especially modems, as these are fundamentally insecure.<br />Operators should:</p><ul><li>Limit any accesses that remain;</li><li>Where possible, implement “monitoring only” access enforced by data diodes, and not rely on “read only” access enforced by software configurations or permissions;</li><li>Not allow remote persistent vendor connections into the control network;</li><li>Require any remote access to be operator controlled, time limited, and procedurally similar to “lock out, tag out”;</li><li>Use the same remote access paths for vendor and employee connections; do not allow double standards; and</li><li>Use two-factor authentication if possible, avoiding schemes where both tokens are similar and can be easily stolen (e.g., password and soft certificate).</li></ul><h4>Monitor and Respond</h4><p>Defending a network against modern threats requires actively monitoring for adversarial penetration and quickly executing a prepared response. Operators should:</p><ul><li>Consider establishing monitoring programs in the following key places: at the Internet boundary; at the business to Control DMZ boundary; at the Control DMZ to control LAN boundary; and inside the Control LAN;</li><li>Watch IP traffic on ICS boundaries for abnormal or suspicious communications;</li><li>Monitor IP traffic within the control network for malicious connections or content;</li><li>Use host-based products to detect malicious software and attack attempts;<ul><li>Use login analysis (e.g., time and place) to detect stolen credential usage or improper access, verifying all anomalies with quick phone calls;</li><li>Watch account and user administration actions to detect access control manipulation;</li></ul></li><li>Have a response plan for when adversarial activity is detected; and<ul><li>Such a plan may include disconnecting all Internet connections, running a properly scoped search for malware, disabling affected user accounts, isolating suspect systems, and immediately resetting 100 percent of passwords.</li><li>Such a plan may also define escalation triggers and actions, including incident response, investigation, and public affairs activities.</li></ul></li><li>Have a restoration plan, including “gold disks” ready to restore systems to known good states.<br /> </li></ul> <h3>References</h3> <ul> <li><a href="https://www.welivesecurity.com/wp-content/uploads/2017/06/Win32_Industroyer.pdf">[1] ESET: WIN32/INDUSTROYER – A New Threat for Industrial Control Systems</a></li> <li><a href="https://www.dragos.com/blog/crashoverride/">[2] Dragos: CRASHOVERRIDE</a></li> </ul> <h3>Revision History</h3> <ul> <li>June 12, 2017: Initial Release</li> <li>June 13, 2017: Updated IOCs (both STIX and CSV formats)</li> <li>July 7, 2017: Updated IOCs (both STIX and CSV formats)</li> <li>July 21, 2017: Corrected typographical error</li> <li>July 24, 2017: Corrected links to downloadable IOC files</li> </ul> <hr /> <p>This product is provided subject to this <a href="http://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="http://www.us-cert.gov/privacy/">Privacy &amp; Use</a> policy.</p> <br />
    TA17-163A: CrashOverride Malware
  • Tue, 06 Jun 2017 00:11:16 +0000 Original release date: June 05, 2017<br /> <h3>Systems Affected</h3> <p>SNMP enabled devices</p> <h3>Overview</h3> <p>The Simple Network Management Protocol (SNMP) may be abused to gain unauthorized access to network devices. SNMP provides a standardized framework for a common language that is used for monitoring and managing devices in a network.</p><p>This Alert provides information on SNMP best practices, along with prevention and mitigation recommendations.</p> <h3>Description</h3> <p>SNMP depends on secure strings (or “community strings”) that grant access to portions of devices’ management planes. Abuse of SNMP could allow an unauthorized third party to gain access to a network device. </p><p>SNMPv3 should be the only version of SNMP employed because SNMPv3 has the ability to authenticate and encrypt payloads. When either SNMPv1 or SNMPv2 are employed, an adversary could sniff network traffic to determine the community string. This compromise could enable a man-in-the-middle or replay attack.</p><p>Although SNMPv1 and SNMPv2 have similar characteristics, 64-bit counters were added to SNMPv2 so it could support faster interfaces. SNMPv3 replaces the simple/clear text password sharing used in SNMPv2 with more securely encoded parameters. All versions run over the User Datagram Protocol (UDP).</p><p>Simply using SNMPv3 is not enough to prevent abuse of the protocol. A safer approach is to combine SNMPv3 with management information base (MIB) whitelisting using SNMP views. This technique ensures that even with exposed credentials, information cannot be read from or written to the device unless the information is needed for monitoring or normal device re-configuration. The majority of devices that support SNMP contain a generic set of MIBs that are vendor agnostic. This approach allows the object identifier (OID) to be applied to devices regardless of manufacturer.</p> <h3>Impact</h3> <p>A remote attacker may abuse SNMP-enabled network devices to access an organization’s network infrastructure.</p> <h3>Solution</h3> <p>A fundamental way to enhance network infrastructure security is to safeguard networking devices with secure configurations. US-CERT recommends that administrators:</p><ul><li>Configure SNMPv3 to use the highest level of security available on the device; this would be <em>authPriv</em> on most devices. <em>authPriv</em> includes authentication and encryption features, and employing both features enhances overall network security. Some older images may not contain the cryptographic feature set, in which case <em>authNoPriv</em> needs to be used. However, if the device does not support Version 3 <em>authPriv</em>, it should be upgraded.</li><li>Ensure administrative credentials are properly configured with different passwords for authentication and encryption. In configuring accounts, follow the principle of least privilege. Role separation between polling/receiving traps (reading) and configuring users or groups (writing) is imperative because many SNMP managers require login credentials to be stored on disk in order to receive traps.</li><li>Refer to your vendor’s guidance for implementing SNMP views. SNMP view is a command that can be used to limit the available OIDs. When OIDs are included in the view, all other MIB trees are inherently denied. The SNMP <em>view</em> command must be used in conjunction with a predefined list of MIB objects.</li><li>Apply extended access control lists (ACLs) to block unauthorized computers from accessing the device. Access to devices with read and/or write SNMP permission should be strictly controlled. If monitoring and change management are done through separate software, then they should be on separate devices.</li><li>Segregate SNMP traffic onto a separate management network. Management network traffic should be out-of-band; however, if device management must coincide with standard network activity, all communication occurring over that network should use some encryption capability. If the network device has a dedicated management port, it should be the sole link for services like SNMP, Secure Shell (SSH), etc.</li><li>Keep system images and software up-to-date.</li></ul> <h3>References</h3> <ul> <li><a href="https://www.ietf.org/rfc/rfc2233.txt">The Interfaces Group MIB using SMIv2</a></li> </ul> <h3>Revision History</h3> <ul> <li>June 5, 2017: Initial Release</li> </ul> <hr /> <p>This product is provided subject to this <a href="http://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="http://www.us-cert.gov/privacy/">Privacy &amp; Use</a> policy.</p> <br />
    TA17-156A: Reducing the Risk of SNMP Abuse
  • Sat, 13 May 2017 01:36:36 +0000 Original release date: May 12, 2017 | Last revised: May 19, 2017<br /> <h3>Systems Affected</h3> <p>Microsoft Windows operating systems</p> <h3>Overview</h3> <p>According to numerous open-source reports, a widespread ransomware campaign is affecting various organizations with reports of tens of thousands of infections in over 150 countries, including the United States, United Kingdom, Spain, Russia, Taiwan, France, and Japan. The software can run in as many as 27 different languages.</p><p>The latest version of this ransomware variant, known as WannaCry, WCry, or Wanna Decryptor, was discovered the morning of May 12, 2017, by an independent security researcher and has spread rapidly over several hours, with initial reports beginning around 4:00 AM EDT, May 12, 2017. Open-source reporting indicates a requested ransom of .1781 bitcoins, roughly $300 U.S.<br /><br />This Alert is the result of efforts between the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the Federal Bureau of Investigation (FBI) to highlight known cyber threats. DHS and the FBI continue to pursue related information of threats to federal, state, and local government systems and as such, further releases of technical information may be forthcoming.</p> <h3>Description</h3> <p>Initial reports indicate the hacker or hacking group behind the WannaCry campaign is gaining access to enterprise servers through the exploitation of a critical Windows SMB vulnerability. Microsoft released a security update for the <a href="https://technet.microsoft.com/en-us/library/security/ms17-010.aspx">MS17-010</a> vulnerability on March 14, 2017. Additionally, Microsoft released patches for <a href="http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598">Windows XP, Windows 8, and Windows Server 2003</a> operating systems on May 13, 2017. </p><p>According to open sources, one possible infection vector may be through phishing.</p><h3>Technical Details</h3><h4><em>Indicators of Compromise (IOC)</em></h4><p>See <a href="https://www.us-cert.gov/sites/default/files/publications/TA17-132A_WannaCry.xlsx">TA17-132A_WannaCry.xlsx</a> and <a href="https://www.us-cert.gov/sites/default/files/publications/TA17-132A_WannaCry_stix.xml">TA17-132A_WannaCry_stix.xml</a> for IOCs developed immediately after WannaCry ransomware appeared. These links contain identical content in two different formats.</p><p>See <a href="https://www.us-cert.gov/sites/default/files/publications/TA17-132A_stix.xml">TA17-132A_stix.xml</a> for IOCs developed after further analysis of the WannaCry malware.</p><h4><em>Analysis</em></h4><p>Three files were submitted to US-CERT for analysis. All files are confirmed as components of a ransomware campaign identified as "WannaCry", a.k.a "WannaCrypt" or ".wnCry". The first file is a dropper, which contains and runs the ransomware, propagating via the MS17-010/EternalBlue SMBv1.0 exploit. The remaining two files are ransomware components containing encrypted plug-ins responsible for encrypting the victim users files. For a list of IOCs found during analysis, see the <a href="https://www.us-cert.gov/sites/default/files/publications/TA17-132A_stix.xml">STIX</a> file.</p><p>Displayed below are YARA signatures that can be used to detect the ransomware:</p><h4><em>Yara Signatures</em></h4><table border="1" bordercolor="#ccc" cellpadding="5" cellspacing="0" class="general-table" style="border-collapse: collapse;"><tbody><tr><td><p><code>rule Wanna_Cry_Ransomware_Generic {</code></p><p><code>       meta:</code></p><p><code>              description = "Detects WannaCry Ransomware on Disk and in Virtual Page"</code></p><p><code>              author = "US-CERT Code Analysis Team"</code></p><p><code>              reference = "not set"                                        </code></p><p><code>              date = "2017/05/12"</code></p><p><code>       hash0 = "4DA1F312A214C07143ABEEAFB695D904"</code></p><p><code>       strings:</code></p><p><code>              $s0 = {410044004D0049004E0024}</code></p><p><code>              $s1 = "WannaDecryptor"</code></p><p><code>              $s2 = "WANNACRY"</code></p><p><code>              $s3 = "Microsoft Enhanced RSA and AES Cryptographic"</code></p><p><code>              $s4 = "PKS"</code></p><p><code>              $s5 = "StartTask"</code></p><p><code>              $s6 = "wcry@123"</code></p><p><code>              $s7 = {2F6600002F72}</code></p><p><code>              $s8 = "unzip 0.15 Copyrigh"</code></p><p><code>              $s9 = "Global\\WINDOWS_TASKOSHT_MUTEX"</code>        </p><p> <code>             <code>$</code>s10 = "Global\\WINDOWS_TASKCST_MUTEX"</code>   </p><p><code>             $s11 = {7461736B736368652E657865000000005461736B5374617274000000742E776E7279000069636163}</code></p><p><code>             $s12 = {6C73202E202F6772616E742045766572796F6E653A46202F54202F43202F5100617474726962202B68}</code></p><p><code>             $s13 = "WNcry@2ol7"</code></p><p><code>             $s14 = "wcry@123"</code></p><p><code>             $s15 = "Global\\MsWinZonesCacheCounterMutexA"</code></p><p><code>       condition:</code></p><p><code>              $s0 and $s1 and $s2 and $s3 or $s4 and $s5 and $s6 and $s7 or $s8 and $s9 and $s10 or $s11 and $s12 or $s13 or $s14 or $s15</code></p><p><code>}</code></p><p><code>/*The following Yara ruleset is under the GNU-GPLv2 license (http://www.gnu.org/licenses/gpl-2.0.html) and open to any user or organization, as long as you use it under this license.*/</code></p><p><code>rule MS17_010_WanaCry_worm {</code></p><p><code>       meta:</code></p><p><code>              description = "Worm exploiting MS17-010 and dropping WannaCry Ransomware"</code></p><p><code>              author = "Felipe Molina (@felmoltor)"</code></p><p><code>              reference = "https://www.exploit-db.com/exploits/41987/"</code></p><p><code>              date = "2017/05/12"</code></p><p><code>       strings:</code></p><p><code>              $ms17010_str1="PC NETWORK PROGRAM 1.0"</code></p><p><code>              $ms17010_str2="LANMAN1.0"</code></p><p><code>              $ms17010_str3="Windows for Workgroups 3.1a"</code></p><p><code>              $ms17010_str4="__TREEID__PLACEHOLDER__"</code></p><p><code>              $ms17010_str5="__USERID__PLACEHOLDER__"</code></p><p><code>              $wannacry_payload_substr1 = "h6agLCqPqVyXi2VSQ8O6Yb9ijBX54j"</code></p><p><code>              $wannacry_payload_substr2 = "h54WfF9cGigWFEx92bzmOd0UOaZlM"</code></p><p><code>              $wannacry_payload_substr3 = "tpGFEoLOU6+5I78Toh/nHs/RAP"</code></p><p><code>       condition:</code></p><p><code>              all of them</code></p><p><code>}</code></p></td></tr></tbody></table><h4><em>Dropper</em></h4><p>This artifact (5bef35496fcbdbe841c82f4d1ab8b7c2) is a malicious PE32 executable that has been identified as a WannaCry ransomware dropper. Upon execution, the dropper attempts to connect to the following hard-coded URI:</p><p><code>http[:]//www[.]iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com.</code></p><p>Displayed below is a sample request observed:</p><p><code>--Begin request—</code></p><p><code>GET / HTTP/1.1<br />Host: www[.]iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com<br />Cache-Control: no-cache</code></p><p><code>--End request--</code></p><p>If a connection is established, the dropper will terminate execution. If the connection fails, the dropper will infect the system with ransomware.<br />When executed, the malware is designed to run as a service with the parameters “-m security”. During runtime, the malware determines the<br />number of arguments passed during execution. If the arguments passed are less than two, the dropper proceeds to install itself as the<br />following service:</p><p><code>--Begin service--</code></p><p><code>ServiceName = "mssecsvc2.0"<br />DisplayName = "Microsoft Security Center (2.0) Service"<br />StartType = SERVICE_AUTO_START<br />BinaryPathName = "%current directory%5bef35496fcbdbe841c82f4d1ab8b7c2.exe -m security"</code></p><p><code>--End service--</code></p><p>Once the malware starts as a service named mssecsvc2.0, the dropper attempts to create and scan a list of IP ranges on the local network<br />and attempts to connect using UDP ports 137, 138 and TCP ports 139, 445. If a connection to port 445 is successful, it creates an additional<br />thread to propagate by exploiting the SMBv1 vulnerability documented by Microsoft Security bulliten MS17-010. The malware then extracts &amp;<br />installs a PE32 binary from it's resource section named "R". This binary has been identified as the ransomware component of WannaCrypt.<br />The dropper installs this binary into "C:\WINDOWS\tasksche.exe." The dropper executes tasksche.exe with the following command:</p><p><code>--Begin command--</code></p><p><code>"C:\WINDOWS\tasksche.exe /i"</code></p><p><code>--End command—</code></p><p>Note:<br />=====<br />When this sample was initially discovered, the domain "iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea[.]com" was not registered, allowing the<br />malware to run and propagate freely. However within a few days, researchers learned that by registering the domain and allowing the<br />malware to connect, it's ability to spread was greatly reduced. At this time, all traffic to "iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com" is<br />re-directed to a monitored, non-malicious server, causing the malware to terminate if it is allowed to connect. For this reason, we recommend<br />that administrators and network security personnel not block traffic to this domain.</p> <h3>Impact</h3> <p>Ransomware not only targets home users; businesses can also become infected with ransomware, leading to negative consequences, including</p><ul><li>temporary or permanent loss of sensitive or proprietary information,</li><li>disruption to regular operations,</li><li>financial losses incurred to restore systems and files, and</li><li>potential harm to an organization’s reputation.</li></ul><p>Paying the ransom does not guarantee the encrypted files will be released; it only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information. In addition, decrypting files does not mean the malware infection itself has been removed.</p> <h3>Solution</h3> <p><strong><u>Recommended Steps for Prevention </u></strong></p><ul><li>Apply the Microsoft patch for the MS17-010 SMB vulnerability dated March 14, 2017.</li><li>Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate in-bound email using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent email spoofing. </li><li>Scan all incoming and outgoing emails to detect threats and filter executable files from reaching the end users.</li><li>Ensure anti-virus and anti-malware solutions are set to automatically conduct regular scans.</li><li>Manage the use of privileged accounts. Implement the principle of least privilege. No users should be assigned administrative access unless absolutely needed. Those with a need for administrator accounts should only use them when necessary. </li><li>Configure access controls including file, directory, and network share permissions with least privilege in mind. If a user only needs to read specific files, they should not have write access to those files, directories, or shares. </li><li>Disable macro scripts from Microsoft Office files transmitted via email. Consider using Office Viewer software to open Microsoft Office files transmitted via email instead of full Office suite applications.</li><li>Develop, institute, and practice employee education programs for identifying scams, malicious links, and attempted social engineering.</li><li>Run regular penetration tests against the network, no less than once a year. Ideally, run these as often as possible and practical.</li><li>Test your backups to ensure they work correctly upon use.</li></ul><p><strong><u>Recommendations for Network Protection </u></strong></p><p>Apply the patch (MS17-010). If the patch cannot be applied, consider:</p><ul><li>Disabling SMBv1 and</li><li>blocking all versions of SMB at the network boundary by blocking TCP port 445 with related protocols on UDP ports 137-138 and TCP port 139, for all boundary devices.</li></ul><p><em><strong>Note:</strong> disabling or blocking SMB may create problems by obstructing access to shared files, data, or devices. The benefits of mitigation should be weighed against potential disruptions to users.</em></p><p>Review US-CERT’s Alert on <a href="https://www.us-cert.gov/ncas/alerts/TA16-250A">The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations</a> and consider implementing the following best practices:</p><ol><li>Segregate networks and functions.</li><li>Limit unnecessary lateral communications.</li><li>Harden network devices.</li><li>Secure access to infrastructure devices.</li><li>Perform out-of-band network management.</li><li>Validate integrity of hardware and software.</li></ol><p><strong><u>Recommended Steps for Remediation</u></strong></p><ul><li>Contact law enforcement. We strongly encourage you to contact a local FBI field office upon discovery to report an intrusion and request assistance. Maintain and provide relevant logs.</li><li>Implement your security incident response and business continuity plan. Ideally, organizations should ensure they have appropriate backups so their response is simply to restore the data from a known clean backup. </li></ul><p><strong><u>Defending Against Ransomware Generally</u></strong></p><p>Precautionary measures to mitigate ransomware threats include:</p><ul><li>Ensure anti-virus software is up-to-date.</li><li>Implement a data back-up and recovery plan to maintain copies of sensitive or proprietary data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks.</li><li>Scrutinize links contained in emails, and do not open attachments included in unsolicited emails.</li><li>Only download software—especially free software—from sites you know and trust.</li><li>Enable automated patches for your operating system and Web browser.</li></ul><p><strong><u>Report Notice</u></strong></p><p>DHS and FBI encourages recipients who identify the use of tool(s) or techniques discussed in this document to report information to DHS or law enforcement immediately. We encourage you to contact DHS’s National Cybersecurity and Communications Integration Center (NCCIC) (<a href="https://www.us-cert.govmailto:NCCICCustomerService@hq.dhs.gov">NCCICcustomerservice@hq.dhs.gov</a> or 888-282-0870), or the FBI through a local field office or the FBI’s Cyber Division (<a href="https://www.us-cert.govmailto:CyWatch@ic.fbi.gov ">CyWatch@ic.fbi.gov </a>or 855-292-3937) to report an intrusion and to request incident response resources or technical assistance.</p> <h3>References</h3> <ul> <li><a href="https://blog.malwarebytes.com/cybercrime/2017/05/wanacrypt0r-ransomware-hits-it-big-just-before-the-weekend/">Malwarebytes LABS: WanaCrypt0r ransomware hits it big just before the weekend</a></li> <li><a href="https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/">Malwarebytes LABS: The worm that spreads WanaCrypt0r</a></li> <li><a href="https://technet.microsoft.com/en-us/library/security/ms17-010.aspx">Microsoft: Microsoft Security Bulletin MS17-010</a></li> <li><a href="https://www.forbes.com/sites/thomasbrewster/2017/05/12/nsa-exploit-used-by-wannacry-ransomware-in-global-explosion/#4fb6a207e599">Forbes: An NSA Cyber Weapon Might Be Behind A Massive Global Ransomware Outbreak</a></li> <li><a href="http://www.reuters.com/article/us-britain-security-hospitals-ransomware-idUSKBN1882O2">Reuters: Factbox: Don't click - What is the 'ransomware' WannaCry worm?</a></li> <li><a href="https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168">GitHubGist: WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm</a></li> <li><a href="http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598">Microsoft: Microsoft Update Catalog: Patches for Windows XP, Windows 8, and Windows Server 2003, (KB4012598)</a></li> <li><a href="http://blog.talosintelligence.com/2017/05/wannacry.html">Cisco: Player 3 Has Entered the Game: Say Hello to 'WannaCry'</a></li> <li><a href="https://www.washingtonpost.com/business/economy/more-than-150-countries-affected-by-massive-cyberattack-europol-says/2017/05/14/5091465e-3899-11e7-9e48-c4f199710b69_story.html">Washington Post: More than 150 countries affected by massive cyberattack, Europol says</a></li> </ul> <h3>Revision History</h3> <ul> <li>May 12, 2017: Initial post</li> <li>May 14, 2017: Corrected Syntax in the second Yara Rule</li> <li>May 14, 2017: Added Microsoft link to patches for Windows XP, Windows 8, and Windows Server 2003</li> <li>May 14, 2017: Corrected Syntax in the first Yara Rule</li> <li>May 16, 2017: Provided further analysis and new IOCs in STIX format</li> <li>May 18, 2017: Provided initial IOCs in a STIX format</li> </ul> <hr /> <p>This product is provided subject to this <a href="http://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="http://www.us-cert.gov/privacy/">Privacy &amp; Use</a> policy.</p> <br />
    TA17-132A: Indicators Associated With WannaCry Ransomware
  • Thu, 27 Apr 2017 22:50:51 +0000 Original release date: April 27, 2017 | Last revised: May 14, 2017<br /> <h3>Systems Affected</h3> <p>Networked Systems</p> <h3>Overview</h3> <p>The National Cybersecurity and Communications Integration Center (NCCIC) has become aware of an emerging sophisticated campaign, occurring since at least May 2016, that uses multiple malware implants. Initial victims have been identified in several sectors, including Information Technology, Energy, Healthcare and Public Health, Communications, and Critical Manufacturing.</p><p>According to preliminary analysis, threat actors appear to be leveraging stolen administrative credentials (local and domain) and certificates, along with placing sophisticated malware implants on critical systems. Some of the campaign victims have been IT service providers, where credential compromises could potentially be leveraged to access customer environments. Depending on the defensive mitigations in place, the threat actor could possibly gain full access to networks and data in a way that appears legitimate to existing monitoring tools.</p><p>Although this activity is still under investigation, NCCIC is sharing this information to provide organizations information for the detection of potential compromises within their organizations.</p><p>NCCIC will update this document as information becomes available.</p><p>For a downloadable copy of this report and listings of IOCs, see:</p><ul><li><a href="https://www.us-cert.gov/sites/default/files/publications/IR-ALERT-MED-17-093-01C-Intrusions_Affecting_Multiple_Victims_Across_Multiple_Sectors.pdf">Report (.pdf)</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/IR-ALERT-MED-17-093-01C.xlsx">IOCs (.xlsx)</a></li><li><a href="https://www.us-cert.gov/sites/default/files/publications/IR-ALERT-MED-17-093-01-C.XML">IOCs (STIX)</a></li></ul><p>To report activity related to this Incident Report Alert, please contact NCCIC at <a href="https://www.us-cert.govmailto:NCCICCustomerService@hq.dhs.gov">NCCICCustomerService@hq.dhs.gov</a> or 1-888-282-0870.</p> <h3>Description</h3> <h3>Risk Evaluation</h3><table border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;"><tbody><tr><td style="width: 100%; height: 19px;"><p align="center"><strong>NCCIC Cyber Incident Scoring System (NCISS) Rating Priority Level (Color) </strong></p></td></tr><tr><td style="width: 100%; height: 19px;"><p>Yellow (Medium)</p></td></tr><tr><td style="width: 100%; height: 10px;"><p>A medium priority incident may affect public health or safety, national security, economic security, foreign relations, civil liberties, or public confidence.</p></td></tr></tbody></table><h3>Details</h3><p>While NCCIC continues to work with a variety of victims across different sectors, the adversaries in this campaign continue to affect several IT service providers. To achieve operational efficiencies and effectiveness, many IT service providers often leverage common core infrastructure that should be logically isolated to support multiple clients.</p><p>Intrusions into these providers create opportunities for the adversary to leverage stolen credentials to access customer environments within the provider network.</p><p><img align="middle" alt="Figure 1: Structure of a traditional business network and an IT service provider network" src="https://www.us-cert.gov/sites/default/files/publications/IT%20service%20provider%20network.png" style="width: 631px; height: 402px;" /></p><p><em>Figure 1: Structure of a traditional business network and an IT service provider network</em></p><h3>Technical Analysis</h3><p>The threat actors in this campaign have been observed employing a variety of tactics, techniques, and procedures (TTPs). The actors use malware implants to acquire legitimate credentials then leverage those credentials to pivot throughout the local environment. NCCIC is aware of several compromises involving the exploitation of system administrators’ credentials to access trusted domains as well as the malicious use of certificates. Additionally, the adversary makes heavy use of PowerShell and the open source PowerSploit tool to enable assessment, reconnaissance, and lateral movement.</p><p>Command and Control (C2) primarily occurs using RC4 cipher communications over port 443 to domains that change IP addresses. Many of these domains spoof legitimate sites and content, with a particular focus on spoofing Windows update sites. Most of the known domains leverage dynamic DNS services, and this pattern adds to the complexity of tracking this activity. Listings of observed domains are found in this document’s associated STIX package and .xlsx file. The indicators should be used to observe potential malicious activity on your network.</p><p>User impersonation via compromised credentials is the primary mechanism used by the adversary. However, a secondary technique to maintain persistence and provide additional access into the victim network is the use of malware implants left behind on key relay and staging machines. In some instances, the malware has only been found within memory with no on-disk evidence available for examination. To date, the actors have deployed multiple malware families and variants, some of which are currently not detected by anti-virus signatures. The observed malware includes PLUGX/SOGU and REDLEAVES. Although the observed malware is based on existing malware code, the actors have modified it to improve effectiveness and avoid detection by existing signatures.</p><p>Both REDLEAVES and PLUGX have been observed being executed on systems via dynamic-link library (DLL) side-loading. The DLL side-loading technique utilized by these malware families typically involves three files: a non-malicious executable, a malicious DLL loader, and an encoded payload file. The malicious DLL is named as one of the DLLs that the executable would normally load and is responsible for decoding and executing the payload into memory.</p><h3>REDLEAVES Malware</h3><p>The most unique implant observed in this campaign is the REDLEAVES malware. The REDLEAVES implant consists of three parts: an executable, a loader, and the implant shellcode. The REDLEAVES implant is a remote administration Trojan (RAT) that is built in Visual C++ and makes heavy use of thread generation during its execution. The implant contains a number of functions typical of RATs, including system enumeration and creating a remote shell back to the C2.</p><h4>Capabilities</h4><p><strong>System Enumeration</strong>. The implant is capable of enumerating the following information about the victim system and passing it back to the C2:</p><ul><li>system name,</li><li>system architecture (x86 or x64),</li><li>operating system major and minor versions,</li><li>amount of available memory,</li><li>processor specifications,</li><li>language of the user,</li><li>privileges of the current process,</li><li>group permissions of the current user,</li><li>system uptime,</li><li>IP address, and</li><li>primary drive storage utilization.</li></ul><p><strong>Command Execution.</strong> The implant can execute a command directly inside a command shell using native Windows functionality by passing the command to run to cmd.exe with the “/c” option (“cmd.exe /c &lt;command&gt;”).</p><p><strong>Command Window Generation.</strong> The implant can also execute commands via a remote shell that is generated and passed through a named pipe. A command window is piped back to the C2 over the network as a remote shell or alternatively to another process or thread that can communicate with that pipe. The implant uses the mutexRedLeavesCMDSimulatorMutex.</p><p><strong>File System Enumeration.</strong> The implant has the ability to enumerate data within a specified directory, where it gathers filenames, last file write times, and file sizes.</p><p><strong>Network Traffic Compression and Encryption.</strong> The implant uses a form of LZO compression to compress data that is sent to its C2. After compression, the data for this implant sample is then RC4-ciphered with the key 0x6A6F686E3132333400 (this corresponds to the string “john1234” with the null byte appended).</p><p>Network Communications REDLEAVES connects to the C2 over TCP port 443, but does not use the secure flag when calling the API function InternetOpenUrlW. The data is not encrypted and there is no SSL handshake as would normally occur with port 443 traffic, but rather the data is transmitted in the form that is generated by the RC4 cipher.</p><p>Current REDLEAVES samples that have been examined have a hard-coded C2. Inside the implant’s configuration block in memory were the strings in Table 1.</p><div style="clear: both;"><em>Table 1: REDLEAVES Sample Strings Found in C2</em></div><div style="clear: both;"> </div><div style="clear: both;"><table align="center" border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;"><tbody><tr><td style="width: 100%; height: 71px;"><p><code>QN4869MD ­­– mutex used to determine if the implant is already running (Varies from sample to sample)</code></p><p><code>2016-5-1-INCO –Unknown</code></p><p><code>%windir.\system32\svchost.exe - process that the implant was injected into</code></p><p><code>john1234 (with the null byte afterward) – RC4 Key</code></p></td></tr></tbody></table><div style="clear: both;"> </div></div><p>While the name of the initial mutex, QN4869MD in this sample, varies among REDLEAVES samples, the RedLeavesCMDSimulatorMutex mutex name appears to be consistent. Table 2 contains a sample of the implant communications to the domain windowsupdates.dnset[.]com over TCP port 443.</p><p><em>Table 2: REDLEAVES Sample Beacon</em></p><table align="center" border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;" width="100%"><tbody><tr><td style="width: 100%; height: 232px;"><p><code>--- BEGIN SAMPLE BEACON ---</code></p><p><code>00000000 c1 0c 00 00 7a 8d 9b dc 88 00 00 00 ....z... ....</code></p><p><code>0000000C 14 6f 68 6e 16 6f 68 6e c4 a4 b1 d1 c4 e6 24 eb .ohn.ohn ......$.</code></p><p><code>0000001C cf 49 81 a7 a1 c7 96 ff 6d 31 b4 48 8b 3e a3 c1 .I...... m1.H.&gt;..</code></p><p><code>0000002C 92 e2 c3 7c e4 4c cf e9 e1 fa fb 6a fa 66 2c bf ...|.L.. ...j.f,.</code></p><p><code>0000004C 7b 13 a7 30 17 3d eb fb d3 16 0e 96 83 21 2e 73 {..0.=.. .....!.s</code></p><p><code>0000005C dc 44 a2 72 fb f4 5e d0 4d b7 85 be 33 cd 13 21 .D.r..^. M...3..!</code></p><p><code>0000006C 3f e2 63 da da 5b 5e 52 9a 9c 20 36 69 cb cd 79 ?.c..[^R .. 6i..y</code></p><p><code>0000007C 13 79 7a d4 ed 63 b7 41 5d 38 b4 c2 84 74 98 cd .yz..c.A ]8...t..</code></p><p><code>0000008C f8 32 49 ef 2d e7 f2 ed .2I.-...</code></p><p><code>0000003C 5e 4b 72 6a f9 47 86 cd f1 cd 6d b5 24 79 3c 59 ^Krj.G.. ..m.$y</code></p><p><code>--- END SAMPLE BEACON ---</code></p></td></tr></tbody></table><div style="clear: both;"> </div><p>REDLEAVES network traffic has two 12-byte fixed-length headers in front of each RC4-encrypted compressed payload. The first header comes in its own packet, with the second header and the payload following in a separate packet within the same TCP stream. The last four bytes of the first header contain the number of the remaining bytes in little-endian format (0x88 in the sample beacon above).</p><p>The second header, starting at position 0x0C, is XOR’d with the first four bytes of the key that is used to encrypt the payload. In the case of this sample, those first four bytes would be “john” (or 0x6a6f686e using the ASCII hex codes). After the XOR operation, the bytes in positions 0x0C through 0x0F contain the length of the decrypted and decompressed payload. The bytes in positions 0x10 through 0x13 contain the length of the encrypted and compressed payload.</p><p>To demonstrate, in the sample beacon, the second header follows:</p><p>0000000C 14 6f 68 6e 16 6f 68 6e c4 a4 b1 d1</p><p>The length of the decrypted and decompressed payload is 0x7e000000 in little-endian format (0x146f686e XOR 0x6a6f686e). The length of the encrypted and compressed payload is 0x7c000000 in little-endian (0x166f686e XOR 0x6a6f686e). This is verified by referring back to the sample beacon which had the number of remaining bytes set to 0x88 and subtracting the length of the second header (0x88 – 0xC = 0x7c).</p><h4>Strings</h4><p><em>Note: Use caution when searching based on strings, as common strings may cause a large number of false positives.</em></p><p><em>Table 3: Strings Appearing in the Analyzed Sample of REDLEAVES</em></p><table align="center" border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;" width="100%"><tbody><tr><td style="width: 100%; height: 49px;"><p><code>[ Unique Ascii strings ] --------------------</code></p><p><code>red_autumnal_leaves_dllmain.dll</code></p><p><code>windowsupdates.dnset.com windowsupdates.dnset.com</code></p><p><code>windowsupdates.dnset.com</code></p><p><code>2016-5-10-INCO</code></p><p><code>john1234</code></p><p><code>Feb 04 2015</code></p><p><code>127.0.0.1 169.254</code></p><p><code>tcp</code></p><p><code>https</code></p><p><code>http</code></p><p><code>[ Unique Unicode strings ] ------------------</code></p><p><code>RedLeavesCMDSimulatorMutex</code></p><p><code>QN4869MD</code></p><p><code>\\\\.\\pipe\\NamePipe_MoreWindows</code></p><p><code>network.proxy.type</code></p><p><code>network.proxy.http_port</code></p><p><code>network.proxy.http network.proxy.autoconfig_url</code></p><p><code>network.proxy.</code></p><p><code>a([a-zA-Z0-9])</code></p><p><code>b([ \\t])</code></p><p><code>c([a-zA-Z])</code></p><p><code>d([0-9])</code></p><p><code>h([0-9a-fA-F])</code></p><p><code>n(\r|(\r?\n)) q(\"[^\"]*\")|('[^']*')</code></p><p><code>w([a-zA-Z]+)</code></p><p><code>z([0-9]+)</code></p></td></tr></tbody></table><div style="clear: both;"> </div><h4>Malware Execution Analysis</h4><p><strong>File Name: VeetlePlayer.exe</strong></p><p><strong>MD5</strong>: 9d0da088d2bb135611b5450554c99672</p><p><strong>File Size</strong>: 25704 bytes (25.1 KB)</p><p><strong>Description</strong>: This is the executable that calls the exports located within libvlc.dll</p><p> </p><p><strong>File Name: libvlc.dll</strong></p><p><strong>MD5</strong>: 9A8C76271210324D97A232974CA0A6A3</p><p><strong>File Size</strong>: 33792 bytes (33.0 KB)</p><p><strong>Description</strong>: This is the loader and decoder for mtcReport.ktc, the combined shellcode and implant file.</p><p> </p><p><strong>File Name: mtcReport.ktc</strong></p><p><strong>MD5</strong>: 3045E77E1E9CF9D9657AEA71AB5E8947</p><p><strong>File Size</strong>: 231076 bytes (225.7 KB)</p><p><strong>Description</strong>: This is the encoded shellcode and implant file. When this file is decoded, the shellcode precedes the actual implant, which resides at offset 0x1292 from the beginning of the shellcode in memory. The implant has the MZ and PE flags replaced with the value 0xFF.</p><p> </p><p>All three of these files must be present for execution of the malware to succeed.</p><p>When all files are present and the VeetlePlayer.exe file is executed, it will make calls to the following DLL exports within the libvlc.dll file:</p><ul><li>VLC_Version checks to see if its calling file is named “VeetlePlayer.exe”. If the calling file is named something else, execution will terminate and no shellcode will be loaded.</li><li>VLC_Create reads in the contents of the file mtcReport.ktc.</li><li>VLC_Init takes in the offset in which the encoded shellcode/implant file is located and deobfuscates it. After deobfuscation, this export executes the shellcode.</li><li>VLC_Destroy does nothing other than perform a return 0.</li><li>VLC_AddIntf and VLC_CleanUp simply call the export VLC_Destroy, which returns 0.</li></ul><p>When the libvlc.dll decodes the shellcode/implant, it calls the shellcode at the beginning of the data blob in memory. The shellcode then activates a new instance of svchost.exe and suspends it. It then makes a call to WriteProcessMemory() and inserts the implant with the damaged MZ and PE headers into its memory space. It then resumes execution of svchost.exe, which runs the implant.</p><p>The resulting decoded shellcode with the implant file below it can have a variable MD5 based on how it is dumped from memory. The MD5 checksums of two instances of decoded shellcode are:</p><ol><li>ba4b4087370780dc988d55cbb9de885d</li><li>3d032ba5f73cbc398f1a77af92077cd8</li></ol><p>Table 4 contains the implant resulting from the original implant’s separation from the shellcode and the repair of its MZ and PE flags.</p><p><em>Table 4: Resulting Implant from Shellcode Separation</em></p><table align="center" border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;" width="100%"><tbody><tr><td style="width: 100%; height: 142px;"><p><code><strong>File Name</strong>: red_autumnal_leaves_dllmain.dll</code></p><p><code><strong>MD5</strong>: 3EBBFEEE3A832C92BB60B531F749230E</code></p><p><code><strong>File Size</strong>: 226304 bytes (221.0 KB)</code></p><p><code><strong>PE Compile Date</strong>: 10 May 2016</code></p><p><code>During execution, the file will create two mutexes called RedLeavesCMDSimulatorMutex and QN4869MD. It checks the QN4869MD mutex to see if it is already running. It will then perform initial enumeration of the system to include operating system versions, number of processors, RAM, and CPU information.</code></p></td></tr></tbody></table><div style="clear: both;"> </div><h4>PLUGX</h4><p>PLUGX is a sophisticated Remote Access Tool (RAT) operating since approximately 2012. Although there are now many variants of this RAT in existence today, there are still characteristics common to most variants.</p><p>Typically, PLUGX uses three components to install itself.</p><ol><li>A non-malicious executable</li><li>A malicious DLL/installer</li><li>An encoded payload – the PLUGX RAT.</li></ol><p>A non-malicious executable with one or more imports is used to start the installation process. The executable will likely exist in a directory not normally associated with its use. In some cases, the actor may use an executable signed with a valid certificate, and rename the DLL and encoded payload with file names that suggest they are related to the trusted file. Importantly, the actor seems to vary the encoding scheme used to protect the encoded payload to stifle techniques used by AV vendors to develop patterns to detect it. The payload is either encoded with a single byte or encrypted and decompressed. Recently, NCCIC has observed a case where the encoded payload contains a decoding stub within itself, beginning at byte zero. The malware simply reads this payload and executes it starting at byte zero. The stub then decodes and executes the rest of itself in memory. Notably, this stub varies in its structure and algorithm, again stifling detection by signature based security software. The PLUGX malware is never stored on disk in an unencrypted or decoded format.</p><p>When the initial executable is launched, the imported library, usually a separate DLL, is replaced with a malicious version that in turn decodes and installs the third and final component, which is the PLUGX rat itself. Typically, the PLUGX component is obfuscated and contains no visible executable code until it is unpacked in memory, protecting it from AV/YARA scans while static. During the evolution of these PLUGX compromises, NCCIC noted an increasing implementation of protections of the actual decoded PLUGX in memory. For example, the most recent version we looked at implements a secure strings method, which hides the majority of the common commands used by PLUGX. This is an additional feature designed to thwart signature based security tools.</p><p>Once the PLUGX RAT is installed on the victim, the actors has complete C2 capabilities of the victim system, including the ability to take screenshots and download files from the compromised system. The communications between the RAT (installed on the victim system) and the PLUGX C2 server are encoded to secure the communication and stifle detection by signature based network signature tools.</p><p>The advanced capabilities of PLUGX are implemented via a plugin framework. Each plugin operates independently in its own unique thread within the service. The modules may vary based on variants. Table 5 lists the modules and capabilities contained within one sample recently analyzed by NCCIC.</p><p><em>Table 5: Modules and Capabilities of PLUGX</em></p><table border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;"><thead><tr><th style="width: 132px;"><p><strong>Module Name</strong></p></th><th style="width: 499px;"><p><strong>Capability</strong></p></th></tr></thead><tbody><tr><td style="width: 132px;"><p>Disk</p></td><td style="width: 499px;"><p>wide range of system-related capabilities including file / directory / drive enumeration, file / directory creation, create process, and obtain environment variables</p></td></tr><tr><td style="width: 132px;"><p>Keylog</p></td><td style="width: 499px;"><p>logs keystrokes and saves data to log file</p></td></tr><tr><td style="width: 132px;"><p>Nethood</p></td><td style="width: 499px;"><p>enumerates the host's network resources via the Windows multiple provider router DLL</p></td></tr><tr><td style="width: 132px;"><p>Netstat</p></td><td style="width: 499px;"><p>set the state of a TCP connection or obtain the extended TCP or UDP tables (lists of network endpoints available to a process) of each active process on the host</p></td></tr><tr><td style="width: 132px;"><p>Option</p></td><td style="width: 499px;"><p>provides the ability to initiate a system shutdown, adjust shutdown-related privileges for a given process, and lock the user's workstation</p></td></tr><tr><td style="width: 132px;"><p>Portmap</p></td><td style="width: 499px;"><p>port mapping</p></td></tr><tr><td style="width: 132px;"><p>Process</p></td><td style="width: 499px;"><p>process enumeration, termination, and capability to obtain more in-depth information pertaining to each process (e.g. CompanyName, FileDescription, FileVersion of each module loaded by the process)</p></td></tr><tr><td style="width: 132px;"><p>Regedit</p></td><td style="width: 499px;"><p>create, read, update &amp; delete registry entries</p></td></tr><tr><td style="width: 132px;"><p>Screen</p></td><td style="width: 499px;"><p>capability to capture screenshots of the system</p></td></tr><tr><td style="width: 132px;"><p>Service</p></td><td style="width: 499px;"><p>start, stop, remove, configure &amp; query services</p></td></tr><tr><td style="width: 132px;"><p>Shell</p></td><td style="width: 499px;"><p>remote shell access</p></td></tr><tr><td style="width: 132px;"><p>SQL</p></td><td style="width: 499px;"><p>enumerate SQL databases and available drivers; execute SQL queries</p></td></tr><tr><td style="width: 132px;"><p>Telnet</p></td><td style="width: 499px;"><p>provides a telnet interface</p></td></tr></tbody></table><p>The PLUGX operator may dynamically add, remove, or update PLUGX plugins during runtime. This provides the ability to dynamically adjust C2 capabilities based on the requirements of the C2 operator.</p><p>Network activity is often seen as POST requests similar to that shown in table 6. Network defenders can look to detect non-SSL HTTP traffic on port 443, which can be indicative of malware traffic. The PLUGX malware is also seen using TCP ports 80, 8080, and 53.</p><p><em>Table 6: Sample PLUGX Beacon</em></p><table align="center" border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;" width="100%"><tbody><tr><td style="width: 100%; height: 229px;"><div><code>POST /D15DB9E25ADA34EC9E559736 HTTP/1.1          </code></div><div><code>Accept:             */*</code></div><div><code>HX1:     0</code></div><div><code>HX2:     0</code></div><div><code>HX3:     61456</code></div><div><code>HX4:     1</code></div><div><code>User-Agent:       Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; SLCC2; .NET CLR 2.0.50727; .NET4.0C; .NET4.0E)</code></div><div><code>Host:    sc.weboot.info:443</code></div><div><code>Content-Length:             0</code></div><div><code>Cache-Control: no-cache</code></div></td></tr></tbody></table><p>Even though the beacon went to port 443, which is commonly used for encrypted HTTP communications, this traffic was plaintext HTTP, as is common for this variant of PLUGX.</p><h4>For IT Service Providers</h4><p>All organizations that provide IT services as a commodity for other organizations should evaluate their infrastructure to determine if related activity has taken place. Active monitoring of network traffic for the indicators of compromise (IOCs) provided in this report, as well as behavior analysis for similar activity, should be conducted to identify C2 traffic. In addition, frequency analysis should be conducted at the lowest level possible to determine any unusual fluctuation in bandwidth indicative of a potential data exfiltration. Both management and client systems should be evaluated for host indicators provided. If an intrusion is suspected, please reach out to the NCCIC at the contact information provided at the end of this report.</p><h4>For Private Organizations and Government Agencies</h4><p>All organizations should include the IOCs provided in their normal intrusion detection systems for continual analysis. Organizations that determine their risk to be elevated due to alignment to the sectors being targeted, unusual detected activity, or other factors, should conduct a dedicated investigation to identify any related activity. Organizations which leverage external IT service providers should validate with their providers that due diligence is being conducted to validate if there are security concerns with their specific provider. If an intrusion is suspected, please reach out to the NCCIC at the contact information provided at the end of this report.<a name="3_1_U__FOUO__Implant_Capabilities" id="3_1_U__FOUO__Implant_Capabilities"></a></p><h4>Detection</h4><p>NCCIC is providing a compilation of IOCs from a variety of sources to aid in the detection of this malware. The IOCs provided in the associated STIX package and .xlsx file were derived from various government, commercial, and publically available sources. The sources provided does not constitute an exhaustive list and the U.S. Government does not endorse or support any particular product or vendor’s information listed in this report. However, NCCIC includes this compilation here to ensure the distribution of the most comprehensive information. This alert will be updated as additional details become available.</p><p><em>Table 7: Sources Referenced</em></p><table border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;"><tbody><tr><td style="width: 132px;"><p><strong>Source </strong></p></td><td style="width: 499px;"><p><strong>Title</strong></p></td></tr><tr><td style="width: 132px;"><p>PaloAltoNetworks</p></td><td style="width: 499px;"><p>“menuPass Returns with New Malware and New Attacks Against Japanese Academics and Organizations”</p></td></tr><tr><td style="width: 132px;"><p>FireEye</p></td><td style="width: 499px;"><p>“APT10 (Menupass Team) Renews Operations Focused on Nordic Private Industry; operations Extend to Global Partners”. February 23, 2017 10:14:00 AM,17-00001858, Version: 2</p></td></tr><tr><td style="width: 132px;"><p>CyLance</p></td><td style="width: 499px;"><p>“The Deception Project: A New Japanese-Centric Threat”</p></td></tr><tr><td style="width: 132px;"><p>PwC/BAE Systems</p></td><td style="width: 499px;"><p>“Operation Cloud Hopper: Exposing a systematic hacking operation with an</p><p>unprecedented web of global victims: April 2017”</p></td></tr><tr><td style="width: 132px;"><p>JPCERT/CC</p></td><td style="width: 499px;"><p>“RedLeaves-Malware Based on Open Source Rat”</p><p><a href="http://blog.jpcert.or.jp/2017/04/redleaves---malware-based-on-open-source-rat.html">http://blog.jpcert.or.jp/2017/04/redleaves---malware-based-on-open-source-rat.html</a></p></td></tr><tr><td style="width: 132px;"><p>NCC Group</p></td><td style="width: 499px;"><p>“RedLeaves Implant-Overview”</p></td></tr><tr><td style="width: 132px;"><p>National Cyber Security Centre</p></td><td style="width: 499px;"><p>“Infrastructure Update Version 1.0” Reference: March 17, 2017</p></td></tr><tr><td style="width: 132px;"><p>FireEye</p></td><td style="width: 499px;"><p>“BUGJUICE Malware Profile”. April 05, 2017 11:45:00 AM, 17-00003261, Version: 1</p></td></tr><tr><td style="width: 132px;"><p>JPCERT/CC</p></td><td style="width: 499px;"><p>“ChChes- Malware that Communicates with C&amp;C Servers Using Cookie Headers”</p><p><a href="http://blog.jpcert.or.jp/2017/02/chches-malware--93d6.html">http://blog.jpcert.or.jp/2017/02/chches-malware--93d6.html</a></p></td></tr></tbody></table><p>NCCIC recommends monitoring activity to the following domains and IP addresses, and scanning for evidence of the file hashes as potential indicators of infection. Some of the IOCs provided may be associated with legitimate traffic. Nevertheless, closer evaluation is warranted if the IOCs are observed. If these IOCs are found, NCCIC can provide additional assistance in further investigations. A comprehensive listing of IOCs can be found in the associated STIX package and .xlsx file.</p><h4>Network Signatures</h4><p><em>Table 8: REDLEAVES Network Signatures</em></p><table align="center" border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;" width="100%"><tbody><tr><td style="width: 100%; height: 46px;"><p> <code>alert tcp any any -&gt; any any (msg: "REDLEAVES Implant"; content: "|00 00 7a 8d 9b dc|"; offset: 2; depth: 6; content: "|00 00|"; offset: 10; depth: 2; sid: 314;)</code></p><p> </p><p><code>alert tcp any -&gt; any any (msg:”Suspicious PLUGX URI String”; content:”POST”; http_method; content:”/update?id=”; http_uri; fast_pattern:only; pcre:”/update\?id=[a-fA-F0-9]{8} HTTP/”; sid:101;)</code></p></td></tr></tbody></table><div style="clear: both;"> </div><p><em>Table 9: REDLEAVES YARA Signatures</em></p><table align="center" border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;" width="100%"><tbody><tr><td style="width: 100%; height: 60px;"><p><code>rule Dropper_DeploysMalwareViaSideLoading {</code></p><p><code>    meta:</code></p><p><code>            description = "Detect a dropper used to deploy an implant via side loading. This dropper has specifically been observed deploying REDLEAVES &amp; PlugX"</code></p><p><code>            author = "USG"</code></p><p><code>            true_positive = "5262cb9791df50fafcb2fbd5f93226050b51efe400c2924eecba97b7ce437481: drops REDLEAVES. 6392e0701a77ea25354b1f40f5b867a35c0142abde785a66b83c9c8d2c14c0c3: drops plugx. "</code></p><p><code>    strings:        </code></p><p><code>            $UniqueString = {2e 6c 6e 6b [0-14] 61 76 70 75 69 2e 65 78 65} // ".lnk" near "avpui.exe"</code></p><p><code>            $PsuedoRandomStringGenerator = {b9 1a [0-6] f7 f9 46 80 c2 41 88 54 35 8b 83 fe 64} // Unique function that generates a 100 character pseudo random string.</code></p><p><code>    condition:</code></p><p><code>            any of them</code></p><p><code>}</code></p></td></tr><tr><td style="width: 100%; height: 60px;"><p><code>rule REDLEAVES_DroppedFile_ImplantLoader_Starburn {</code></p><p><code>    meta:</code></p><p><code>            description = "Detect the DLL responsible for loading and deobfuscating the DAT file containing shellcode and core REDLEAVES RAT"</code></p><p><code>            author = "USG"</code></p><p><code>            true_positive = "7f8a867a8302fe58039a6db254d335ae" // StarBurn.dll</code></p><p><code>    strings:</code></p><p><code>            $XOR_Loop = {32 0c 3a 83 c2 02 88 0e 83 fa 08 [4-14] 32 0c 3a 83 c2 02 88 0e 83 fa 10} // Deobfuscation loop</code></p><p><code>    condition:</code></p><p><code>            any of them</code></p><p><code>}</code></p></td></tr><tr><td style="width: 100%; height: 60px;"><p><code>rule REDLEAVES_DroppedFile_ObfuscatedShellcodeAndRAT_handkerchief {</code></p><p><code>    meta:</code></p><p><code>        description = "Detect obfuscated .dat file containing shellcode and core REDLEAVES RAT"</code></p><p><code>        author = "USG"</code></p><p><code>        true_positive = "fb0c714cd2ebdcc6f33817abe7813c36" // handkerchief.dat</code></p><p><code>    strings:</code></p><p><code>        $RedleavesStringObfu = {73 64 65 5e 60 74 75 74 6c 6f 60 6d 5e 6d 64 60 77 64 72 5e 65 6d 6d 6c 60 68 6f 2f 65 6d 6d} // This is 'red_autumnal_leaves_dllmain.dll' XOR'd with 0x01</code></p><p><code>    condition:</code></p><p><code>        any of them</code></p><p><code>}</code></p></td></tr><tr><td style="width: 100%; height: 27px;"><p><code>rule REDLEAVES_CoreImplant_UniqueStrings {</code></p><p><code>    meta:</code></p><p><code>        description = "Strings identifying the core REDLEAVES RAT in its deobfuscated state"</code></p><p><code>        author = "USG"</code></p><p><code>    strings:</code></p><p><code>        $unique2 = "RedLeavesSCMDSimulatorMutex" nocase wide ascii</code></p><p><code>        $unique4 = "red_autumnal_leaves_dllmain.dll" wide ascii</code></p><p><code>        $unique7 = "\\NamePipe_MoreWindows" wide ascii</code></p><p><code>    condition:</code></p><p><code>      any of them</code></p><p><code>}</code></p></td></tr></tbody></table><div style="clear: both;"> </div><p><em>Table 10: PLUGX Network Signatures</em></p><table align="center" border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;" width="100%"><tbody><tr><td style="width: 100%; height: 60px;"><p><code>alert tcp any any -&gt; any any (msg:"Non-Std TCP Client Traffic contains 'HX1|3a|' 'HX2|3a|' 'HX3|3a|' 'HX4|3a|' (PLUGX Variant)"; sid:XX; rev:1; flow:established,to_server; content:"Accept|3a 20 2a 2f 2a|"; nocase; content:"HX1|3a|"; distance:0; within:6; fast_pattern; content:"HX2|3a|"; nocase; distance:0; content:"HX3|3a|"; nocase; distance:0; content:"HX4|3a|"; nocase; distance:0; classtype:nonstd-tcp; priority:X;)</code></p></td></tr><tr><td style="width: 100%; height: 60px;"><p><code>alert tcp any any -&gt; any any (msg:"Non-Std TCP Client Traffic contains 'X-Session|3a|''X-Status|3a|''X-Size|3a|''X-Sn|3a|'(PLUGX)"; sid:XX; rev:1; flow:established,to_server; content:"X-Session|3a|"; nocase; fast_pattern; content:"X-Status|3a|"; nocase; distance:0; content:"X-Size|3a|"; nocase; distance:0; content:"X-Sn|3a|"; nocase; distance:0; classtype:nonstd-tcp; priority:X;)</code></p></td></tr><tr><td style="width: 100%; height: 60px;"><p><code>alert tcp any any -&gt; any any (msg:"Non-Std TCP Client Traffic contains 'MJ1X|3a|' 'MJ2X|3a|' 'MJ3X|3a|' 'MJ4X|3a|' (PLUGX Variant)"; sid:XX; rev:1; flow:established,to_server; content:"MJ1X|3a|"; nocase; fast_pattern; content:"MJ2X|3a|"; nocase; distance:0; content:"MJ3X|3a|"; nocase; distance:0; content:"MJ4X|3a|"; nocase; distance:0; classtype:nonstd-tcp; priority:X;)</code></p></td></tr><tr><td style="width: 100%; height: 60px;"><p><code>alert tcp any any -&gt; any any (msg:"Non-Std TCP Client Traffic contains 'Cookies|3a|' 'Sym1|2e|' '|2c|Sym2|2e|' '|2c|Sym3|2e|' '|2c|Sym4|2e|' (Chches Variant)"; sid:XX; rev:1; flow:established,to_server; content:"Cookies|3a|"; nocase; content:"Sym1|2e|0|3a|"; nocase; distance:0; fast_pattern; content:"|2c|Sym2|2e|"; nocase; distance:0; content:"|2c|Sym3|2e|"; nocase; distance:0; content:"|2c|Sym4|2e|"; nocase; distance:0; classtype:nonstd-tcp; priority:X;)</code></p></td></tr></tbody></table><div style="clear: both;"> </div><h4>Host Signatures</h4><p><em>Table 11: PLUGX and REDLEAVES YARA Signatures</em></p><table align="center" border="1" cellpadding="0" cellspacing="0" class="general-table" style="width: 100%;" width="100%"><tbody><tr><td style="width: 100%; height: 60px;"><p><code>rule PLUGX_RedLeaves</code></p><p><code>{</code></p><p><code>meta:</code></p><p><code>author = "US-CERT Code Analysis Team"</code></p><p><code>date = "03042017"</code></p><p><code>incident = "10118538"</code></p><p><code>date = "2017/04/03"</code></p><p><code>MD5_1 = "598FF82EA4FB52717ACAFB227C83D474"</code></p><p><code>MD5_2 = "7D10708A518B26CC8C3CBFBAA224E032"</code></p><p><code>MD5_3 = "AF406D35C77B1E0DF17F839E36BCE630"</code></p><p><code>MD5_4 = "6EB9E889B091A5647F6095DCD4DE7C83"</code></p><p><code>MD5_5 = "566291B277534B63EAFC938CDAAB8A399E41AF7D"</code></p><p><code>info = "Detects specific RedLeaves and PlugX binaries"</code></p><p><code>strings:</code></p><p><code>$s0 = { 80343057403D2FD0010072F433C08BFF80343024403D2FD0010072F4 }</code></p><p><code>$s1 = "C:\\Users\\user\\Desktop\\my_OK_2014\\bit9\\runsna\\Release\\runsna.pdb"</code></p><p><code>$s2 = "d:\\work\\plug4.0(shellcode)"</code></p><p><code>$s3 = "\\shellcode\\shellcode\\XSetting.h"</code></p><p><code>$s4 = { 42AFF4276A45AA58474D4C4BE03D5B395566BEBCBDEDE9972872C5C4C5498228 }</code></p><p><code>$s5 = { 8AD32AD002D180C23830140E413BCB7CEF6A006A006A00566A006A00 }</code></p><p><code>$s6 = { EB055F8BC7EB05E8F6FFFFFF558BEC81ECC8040000535657 }</code></p><p><code>$s7 = { 8A043233C932043983C10288043283F90A7CF242890D18AA00103BD37CE2891514AA00106A006A006A0056 }</code></p><p><code>$s8 = { 293537675A402A333557B05E04D09CB05EB3ADA4A4A40ED0B7DAB7935F5B5B08 }</code></p><p><code>$s9 = "RedLeavesCMDSimulatorMutex"</code></p><p><code>condition:</code></p><p><code>$s0 or $s1 or $s2 and $s3 or $s4 or $s5 or $s6 or $s7 or $s8 or $s9</code></p><p><code>}</code></p></td></tr></tbody></table><div style="clear: both;"> </div><h4>Other Detection Methods</h4><p><strong>Examine Port/Protocol Mismatches:</strong> Examine network traffic where the network port and protocol do not match, such as plaintext HTTP over port 443.</p><p><strong>Administrative Share Mapping:</strong> When a malicious actor tries to move laterally on a network, one of the techniques is to mount administrative shares to perform operations like uploading and downloading resources or executing commands. In addition, tools like System Internals PSEXEC will mount the shares automatically for the user. Since administrators may map administrative shares legitimately while managing components of the network, this must be taken into account.</p><ul><li>Filter network traffic for SMB mapping events and group the events by source IP, destination IP, the mounted path (providing a count of total mounts to that path), the first map time, and the last map time</li><li>Collect Windows Event Logs – Event ID 5140 (network share object was accessed) can be used to track C$ and ADMIN$ mounts by searching the Share Name field</li></ul><p><strong>VPN User authentication mismatch:</strong> A VPN user authentication match occurs when a user account authenticates to an IP address but once connected the internal IP address requests authentication tokens for other users. This may create false positives for legitimate network administrators but if this is detected, organizations should verify that the administrative accounts were legitimately used.</p><p><strong>VPN activity from VPS providers:</strong> While this may also produce false positives, VPN logins from Virtual Private Server (VPS) providers may be an indicator of VPN users attempting to hide their source IP and should be investigated.</p> <h3>Impact</h3> <p>A successful network intrusion can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include:</p><ul><li>temporary or permanent loss of sensitive or proprietary information,</li><li>disruption to regular operations,</li><li>financial losses incurred to restore systems and files, and</li><li>potential harm to an organization’s reputation.</li></ul> <h3>Solution</h3> <p>Properly implemented defensive techniques and programs make it more difficult for an adversary to gain access to a network and remain persistent yet undetected. When an effective defensive program is in place, actors should encounter complex defensive barriers. Actor activity should also trigger detection and prevention mechanisms that enable organizations to contain and respond to the intrusion more rapidly. There is no single or set of defensive techniques or programs that will completely avert all malicious activities. Multiple defensive techniques and programs should be adopted and implemented in a layered approach to provide a complex barrier to entry, increase the likelihood of detection, and decrease the likelihood of a successful compromise. This layered mitigation approach is known as defense-in-depth.</p><p>NCCIC mitigations and recommendations are based on observations made during the hunt, analysis, and network monitoring for threat actor activity, combined with client interaction.</p><h4>Whitelisting</h4><ul><li>Enable application directory whitelisting through Microsoft Software Restriction Policy (SRP) or AppLocker;</li><li>Use directory whitelisting rather than trying to list every possible permutation of applications in an environment. Safe defaults allow applications to run from PROGRAMFILES, PROGRAMFILES(X86), and SYSTEM32. All other locations should be disallowed unless an exception is granted.</li><li>Prevent the execution of unauthorized software by using application whitelisting as part of the security hardening of operating systems insulating.</li><li>Enable application directory whitelisting via the Microsoft SRP or AppLocker.</li></ul><h4>Account Control</h4><ul><li>Decrease a threat actor’s ability to access key network resources by implementing the principle of least privilege.</li><li>Limit the ability of a local administrator account to login from a local interactive session (e.g., “Deny access to this computer from the network”) and prevent access via a Remote Desktop Protocol session.</li><li>Remove unnecessary accounts, groups, and restrict root access.</li><li>Control and limit local administration.</li><li>Make use of the Protected Users Active Directory group in Windows Domains to further secure privileged user accounts against pass-the-hash compromises.</li></ul><h4>Workstation Management</h4><ul><li>Create a secure system baseline image and deploy to all workstations.</li><li>Mitigate potential exploitation by threat actors by following a normal patching cycle for all operating systems, applications, software, and all third-party software.</li><li>Apply asset and patch management processes.</li><li>Reduce the number of cached credentials to one if a laptop, or zero if a desktop or fixed asset.</li></ul><h4>Host-Based Intrusion Detection</h4><ul><li>Configure and monitor system logs through host-based intrusion detection system (HIDS) and firewall.</li><li>Deploy an anti-malware solution to prevent spyware, adware, and malware as part of the operating system security baseline.</li><li>Monitor antivirus scan results on a regular basis.</li></ul><h4>Server Management</h4><ul><li>Create a secure system baseline image, and deploy to all servers.</li><li>Upgrade or decommission end-of-life non Windows servers.</li><li>Upgrade or decommission servers running Windows Server 2003 and older versions.</li><li>Implement asset and patch management processes.</li><li>Audit for and disable unnecessary services.</li></ul><h4>Server Configuration and Logging</h4><ul><li>Establish remote server logging and retention.</li><li>Reduce the number of cached credentials to zero.</li><li>Configure and monitor system logs via a centralized security information and event management (SIEM) appliance.</li><li>Add an explicit DENY for “%USERPROFILE%”.</li><li>Restrict egress web traffic from servers.</li><li>In Windows environments, utilize Restricted Admin mode or remote credential guard to further secure remote desktop sessions against pass-the-hash compromises.</li><li>Restrict anonymous shares.</li><li>Limit remote access by only using jump servers for such access.</li></ul><h4>Change Control</h4><ul><li>Create a change control process for all implemented changes.</li></ul><h4>Network Security</h4><ul><li>An Intrusion Detection System (IDS) should:<ul style="list-style-type: circle;"><li>Implement continuous monitoring.</li><li>Send alerts to a SIEM tool.</li><li>Monitor internal activity (this tool may use the same tap points as the netflow generation tools).</li></ul></li><li>Netflow Capture should:<ul style="list-style-type: circle;"><li>Set a minimum retention period of 180 days.</li><li>Capture netflow on all ingress and egress points of network segments, not just at the Managed Trusted Internet Protocol Services (MTIPS) or Trusted Internet Connections (TIC) locations.</li></ul></li><li>Network Packet Capture (PCAP):<ul style="list-style-type: circle;"><li>Retain PCAP data for a minimum of 24 hours.</li><li>Capture traffic on all ingress and egress points of the network.</li></ul></li><li>Use a virtual private network (VPN):<ul style="list-style-type: circle;"><li>Maintain site-to-site VPN with customers.</li><li>Authenticate users utilizing site-to-site VPNs through adaptive security appliance (ASA).</li></ul></li><li>Use authentication, authorization, and accounting (AAA) for controlling network access.<ul style="list-style-type: circle;"><li>Require Personal Identity Verification (PIV) authentication to an HTTPS page on the ASA in order to control access. Authentication should also require explicit rostering of PIV distinguished names (DNs) that are permitted to enhance the security posture on both networks participating in the site-to-site VPN.</li><li>Establish appropriate secure tunneling protocol and encryption.</li><li>Strengthen router configuration (e.g., avoid enabling remote management over the Internet and using default IP ranges; automatically logout after configuring routers; use encryption).</li><li>Turn off Wi-Fi protected setup (WPS), enforce the use of strong passwords, keep router firmware up-to-date; and</li><li>Improve firewall security (e.g., enable auto updates, revise firewall rules as appropriate, implement whitelists, establish packet filtering, enforce the use of strong passwords, and encrypt networks).</li></ul></li><li>Conduct regular vulnerability scans of the internal and external networks and hosted content to identify and mitigate vulnerabilities.</li><li>Define areas within the network that should be segmented to increase visibility of lateral movement by an adversary and increase the defense in-depth posture.</li><li>Develop a process to block traffic to IP addresses and domain names that have been identified as being used to aid previous malicious activities.</li></ul><h4>Network Infrastructure Recommendations</h4><ul><li>Ensure you are following National Security Agency (NSA) network device integrity (NDI) <a href="https://www.iad.gov/iad/library/reports/network-device-integrity-ndi-methodology.cfm">best practices</a>.</li><li>Ensure your networking equipment has the latest available operating system and patches.</li></ul><h4>Host Recommendations</h4><ul><li>Implement policies to block workstations-to-workstation remote desktop protocol (RDP) connections through group policy object (GPO) on Windows, or a similar mechanism.</li><li>Store system logs of mission critical systems for at least one year within a SIEM.</li><li>Review the configuration of application logs to verify fields being recorded will contribute to an incident response investigation.</li></ul><h4>Users Management</h4><ul><li>Immediately set the password policy to require complex passwords for all users (minimum of 15 characters); this new requirement should be enforced as user passwords expire.</li><li>Reduce the number of domain and enterprise administrator accounts.</li><li>Create non-privileged accounts for privileged users and ensure they use the non-privileged account for all non-privileged access (e.g., web browsing, email access);</li><li>If possible, use technical methods to detect or prevent browsing by privileged accounts (authentication to web proxies would enable blocking of domain administrators).</li><li>Use two-factor authentication (e.g., security tokens for remote access and to any sensitive data repositories);</li><li>If soft tokens are used, they should not exist on the same device that is requesting remote access (laptop), and instead should be on a telephone or other out-of-band device.</li><li>Create privileged role tracking;<ul style="list-style-type: circle;"><li>Create a change control process to all privilege escalations and role changes on user accounts;</li><li>Enable alerts on privilege escalations and role changes; and</li><li>Log privileged user changes in the environment and alert on unusual events.</li></ul></li><li>Establish least privilege controls; and</li><li>Implement a security-awareness training program.</li></ul><h4>Best Practices</h4><ul><li>Implement a vulnerability assessment and remediation program.</li><li>Encrypt all sensitive data in transit and at rest.</li><li>Create an insider threat program.</li><li>Assign additional personnel to review logging and alerting data.</li><li>Complete independent security (not compliance) audit.</li><li>Create an information sharing program.</li><li>Complete and maintain network and system documentation to aid in timely incident response, including:<ul style="list-style-type: circle;"><li>network diagrams,</li><li>asset owners,</li><li>type of asset, and</li><li>an up-to-date incident response plan.</li></ul></li></ul> <h3>References</h3> <ul> <li><a href="">PaloAltoNetworks: “menuPass Returns with New Malware and New Attacks Against Japanese Academics and Organizations” </a></li> <li><a href="">FireEye: “APT10 (Menupass Team) Renews Operations Focused on Nordic Private Industry; operations Extend to Global Partners”. Feb</a></li> <li><a href="">CyLance: “The Deception Project: A New Japanese-Centric Threat” </a></li> <li><a href="">PwC/BAE Systems: “Operation Cloud Hopper: Exposing a systematic hacking operation with an unprecedented web of global victims: A</a></li> <li><a href="http://blog.jpcert.or.jp/2017/04/redleaves---malware-based-on-open-source-rat.html">JPCERT/CC: “RedLeaves-Malware Based on Open Source Rat” </a></li> <li><a href="">NCC Group: “RedLeaves Implant-Overview” </a></li> <li><a href="">National Cyber Security Centre: “Infrastructure Update Version 1.0" Reference: March 17, 2017”</a></li> <li><a href="">FireEye: “BUGJUICE Malware Profile”. April 05, 2017 11:45:00 AM, 17-00003261, Version: 1</a></li> <li><a href="http://blog.jpcert.or.jp/2017/02/chches-malware--93d6.html">JPCERT/CC: “ChChes- Malware that Communicates with C&amp;C Servers Using Cookie Headers” </a></li> </ul> <h3>Revision History</h3> <ul> <li>April 27, 2017: Initial post</li> <li>April 28, 2017: Updated guidance under the sub-section: Network Infrastructure Recommendations</li> <li>May 2, 2017: In table 11, fixed trailing quote on date</li> <li>May 11, 2017: STIX and XLSX package was updated</li> </ul> <hr /> <p>This product is provided subject to this <a href="http://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="http://www.us-cert.gov/privacy/">Privacy &amp; Use</a> policy.</p> <br />
    TA17-117A: Intrusions Affecting Multiple Victims Across Multiple Sectors

US-CERT Bulletins
  • Mon, 19 Feb 2018 05:15:08 +0000 Original release date: February 19, 2018 | Last revised: February 20, 2018 <br /> <p>The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the <a href="http://www.nist.gov">National Institute of Standards and Technology</a> (NIST) <a href="http://nvd.nist.gov">National Vulnerability Database</a> (NVD) in the past week. The NVD is sponsored by the <a href="http://www.dhs.gov">Department of Homeland Security</a> (DHS) <a href="https://www.us-cert.gov/nccic">National Cybersecurity and Communications Integration Center</a> (NCCIC) / <a href="https://www.us-cert.gov">United States Computer Emergency Readiness Team</a> (US-CERT). For modified or updated entries, please visit the <a href="http://nvd.nist.gov" target="_blank">NVD</a>, which contains historical vulnerability information.</p><p>The vulnerabilities are based on the <a href="http://cve.mitre.org/" target="_blank">CVE</a> vulnerability naming standard and are organized according to severity, determined by the <a href="http://nvd.nist.gov/cvss.cfm" target="_blank">Common Vulnerability Scoring System</a> (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:</p><ul><li><p><strong><a href="#high">High</a></strong> - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0</p></li><li><p><strong><a href="#medium">Medium</a></strong> - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9</p></li><li><p><strong><a href="#low">Low</a></strong> - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9</p></li></ul><p>Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.</p> <p><a id="high" name="high"></a></p><div id="high_v"><h2 id="high_v_title"><a id="high" name="high">High Vulnerabilities</a></h2><table align="center" border="1" summary="High Vulnerabilities"><thead><tr><th class="vendor-product" scope="col" style="width: 24%;">Primary<br />Vendor -- Product</th><th scope="col" style="width: 44%;">Description</th><th scope="col" style="width: 8%;">Published</th><th scope="col" style="width: 4%;">CVSS Score</th><th scope="col" style="width: 10%;">Source &amp; Patch Info</th></tr></thead><tbody><tr><td align="center" colspan="5">There were no high vulnerabilities recorded this week.</td></tr></tbody></table><a href="https://www.us-cert.gov#top">Back to top</a></div><p><a id="medium" name="medium"></a></p><div id="medium_v"><h2 id="medium_v_title"><a id="medium" name="medium">Medium Vulnerabilities</a></h2><table align="center" border="1" summary="Medium Vulnerabilities"><thead><tr><th class="vendor-product" scope="col" style="width: 24%;">Primary<br />Vendor -- Product</th><th scope="col" style="width: 44%;">Description</th><th scope="col" style="width: 8%;">Published</th><th scope="col" style="width: 4%;">CVSS Score</th><th scope="col" style="width: 10%;">Source &amp; Patch Info</th></tr></thead><tbody><tr><td align="center" colspan="5">There were no medium vulnerabilities recorded this week.</td></tr></tbody></table><a href="https://www.us-cert.gov#top">Back to top</a></div><p><a id="low" name="low"></a></p><div id="low_v"><h2 id="low_v_title"><a id="low" name="low">Low Vulnerabilities</a></h2><table align="center" border="1" summary="Low Vulnerabilities"><thead><tr><th class="vendor-product" scope="col" style="width: 24%;">Primary<br />Vendor -- Product</th><th scope="col" style="width: 44%;">Description</th><th scope="col" style="width: 8%;">Published</th><th scope="col" style="width: 4%;">CVSS Score</th><th scope="col" style="width: 10%;">Source &amp; Patch Info</th></tr></thead><tbody><tr><td align="center" colspan="5">There were no low vulnerabilities recorded this week.</td></tr></tbody></table><a href="https://www.us-cert.gov#top">Back to top</a></div><p><a id="severity_not_yet_assigned" name="severity_not_yet_assigned"></a></p><div id="snya_v"><h2 id="snya_v_title"><a id="severity_not_yet_assigned" name="severity_not_yet_assigned">Severity Not Yet Assigned</a></h2><table align="center" border="1" id="table_severity_not_yet_assigned" summary="Severity Not Yet Assigned"><thead><tr><th class="vendor-product" scope="col" style="width: 24%;">Primary<br />Vendor -- Product</th><th scope="col" style="width: 44%;">Description</th><th scope="col" style="width: 8%;">Published</th><th scope="col" style="width: 4%;">CVSS Score</th><th scope="col" style="width: 10%;">Source &amp; Patch Info</th></tr></thead><tbody><tr><td class="vendor-product" scope="row" style="text-align: left;">3s-smart -- codesys_web_server</td><td style="text-align: left;">A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Specifically: all Microsoft Windows (also WinCE) based CODESYS web servers running stand-alone Version 2.3, or as part of the CODESYS runtime system running prior to Version V1.1.9.19. A crafted request may cause a buffer overflow and could therefore execute arbitrary code on the web server or lead to a denial-of-service condition due to a crash in the web server.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5440" target="_blank">CVE-2018-5440</a><br /><a href="http://www.securityfocus.com/bid/102909" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSA-18-032-02" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">advantech -- webaccess</td><td style="text-align: left;">The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers to execute arbitrary OS commands via a single argument (aka the command parameter).</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6911" target="_blank">CVE-2018-6911</a><br /><a href="https://www.exploit-db.com/exploits/44031/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- couchdb</td><td style="text-align: left;">The Windows installer that the Apache CouchDB team provides was vulnerable to local privilege escalation. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service launcher, or CouchDB batch or binary files. A subsequent service or server restart will then run that binary with administrator privilege. This issue affected CouchDB 2.0.0 (Windows platform only) and was addressed in CouchDB 2.0.0.1.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8742" target="_blank">CVE-2016-8742</a><br /><a href="http://mail-archives.apache.org/mod_mbox/couchdb-dev/201612.mbox/%3C825F65E1-0E5F-4E1F-8053-CF2C6200C526%40apache.org%3E" target="_blank">MLIST</a><br /><a href="http://www.securityfocus.com/bid/94766" target="_blank">BID</a><br /><a href="https://www.exploit-db.com/exploits/40865/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- jmeter</td><td style="text-align: left;">When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1297" target="_blank">CVE-2018-1297</a><br /><a href="http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAH9fUpaNzk5am8oFe07RQ-kynCsQv54yB-uYs9bEnz7tbX-O7g%40mail.gmail.com%3E" target="_blank">MLIST</a><br /><a href="https://bz.apache.org/bugzilla/show_bug.cgi?id=62039" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- jmeter</td><td style="text-align: left;">In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1287" target="_blank">CVE-2018-1287</a><br /><a href="http://mail-archives.apache.org/mod_mbox/www-announce/201802.mbox/%3CCAH9fUpYsFx1%2Brwz1A%3Dmc7wAgbDHARyj1VrWNg41y9OySuL1mqw%40mail.gmail.com%3E" target="_blank">MLIST</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- mod_nss</td><td style="text-align: left;">Authentication bypass vulnerability in mod_nss 1.0.8 allows remote attackers to assume the identity of a valid user by using their certificate and entering 'password' as the password.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4973" target="_blank">CVE-2011-4973</a><br /><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1017197" target="_blank">CONFIRM</a><br /><a href="https://www.redhat.com/archives/mod_nss-list/2011-May/msg00001.html" target="_blank">MLIST</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- openwire</td><td style="text-align: left;">When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15709" target="_blank">CVE-2017-15709</a><br /><a href="https://lists.apache.org/thread.html/2b6f04a552c6ec2de6563c2df3bba813f0fe9c7e22cce27b7829db89@%3Cdev.activemq.apache.org%3E" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- qpid_dispatch_router</td><td style="text-align: left;">A Denial of Service vulnerability was found in Apache Qpid Dispatch Router versions 0.7.0 and 0.8.0. To exploit this vulnerability, a remote user must be able to establish an AMQP connection to the Qpid Dispatch Router and send a specifically crafted AMQP frame which will cause it to segfault and shut down.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15699" target="_blank">CVE-2017-15699</a><br /><a href="https://issues.apache.org/jira/browse/DISPATCH-924" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- thrift_go</td><td style="text-align: left;">The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in Apache Thrift 0.10.0.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5397" target="_blank">CVE-2016-5397</a><br /><a href="http://mail-archives.apache.org/mod_mbox/thrift-user/201701.mbox/raw/%3CCANyrgvc3W%3DMJ9S-hMZecPNzxkyfgNmuSgVfW2hdDSz5ke%2BOPhQ%40mail.gmail.com%3E" target="_blank">MLIST</a><br /><a href="http://www.securityfocus.com/bid/103025" target="_blank">BID</a><br /><a href="https://issues.apache.org/jira/browse/THRIFT-3893" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">arm_holdings -- mbed_TLS</td><td style="text-align: left;">In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18187" target="_blank">CVE-2017-18187</a><br /><a href="https://github.com/ARMmbed/mbedtls/blob/master/ChangeLog" target="_blank">CONFIRM</a><br /><a href="https://github.com/ARMmbed/mbedtls/commit/83c9f495ffe70c7dd280b41fdfd4881485a3bc28" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">arm_holdings -- mbed_TLS</td><td style="text-align: left;">ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0488" target="_blank">CVE-2018-0488</a><br /><a href="https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">arm_holdings -- mbed_TLS</td><td style="text-align: left;">ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0487" target="_blank">CVE-2018-0487</a><br /><a href="https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- bitbucket_server</td><td style="text-align: left;">The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote attackers to write files to disk potentially allowing them to gain code execution, exploit CVE-2017-1000117 if a vulnerable version of git is in use, and or determine if an internal service exists via an argument injection vulnerability in the at parameter.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18087" target="_blank">CVE-2017-18087</a><br /><a href="http://www.securityfocus.com/bid/103038" target="_blank">BID</a><br /><a href="https://jira.atlassian.com/browse/BSERV-10593" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- bitbucket_server</td><td style="text-align: left;">Various plugin servlet resources in Atlassian Bitbucket Server before version 5.3.7 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.6 (the fixed version for 5.4.x), from version 5.5.0 before 5.5.6 (the fixed version for 5.5.x), from version 5.6.0 before 5.6.3 (the fixed version for 5.6.x), from version 5.7.0 before 5.7.1 (the fixed version for 5.7.x) and before 5.8.0 allow remote attackers to conduct clickjacking attacks via framing various resources that lacked clickjacking protection.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18088" target="_blank">CVE-2017-18088</a><br /><a href="http://www.securityfocus.com/bid/103040" target="_blank">BID</a><br /><a href="https://jira.atlassian.com/browse/BSERV-10594" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- crucible</td><td style="text-align: left;">The view review history resource in Atlassian Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the invited reviewers for a review.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18089" target="_blank">CVE-2017-18089</a><br /><a href="https://jira.atlassian.com/browse/CRUC-8169" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- fisheye</td><td style="text-align: left;">Various resources in Atlassian Fisheye before version 4.5.1 (the fixed version for 4.5.x) and before version 4.6.0 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a commit author.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18090" target="_blank">CVE-2017-18090</a><br /><a href="https://jira.atlassian.com/browse/FE-7000" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- fisheye_and_crucible</td><td style="text-align: left;">The admin backupprogress action in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and before 4.5.0 allows remote attackers with administrative privileges to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the filename of a backup.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18091" target="_blank">CVE-2017-18091</a><br /><a href="https://jira.atlassian.com/browse/CRUC-8173" target="_blank">CONFIRM</a><br /><a href="https://jira.atlassian.com/browse/FE-7006" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">carbon_black -- carbon_black</td><td style="text-align: left;">cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial of service (out-of-bounds read, invalid pointer dereference, and application crash) by leveraging access to the NetMon named pipe.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9570" target="_blank">CVE-2016-9570</a><br /><a href="https://labs.nettitude.com/blog/carbon-black-security-advisories-cve-2016-9570-cve-2016-9568-and-cve-2016-9569/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">carbon_black -- carbon_black</td><td style="text-align: left;">The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users with admin privileges to cause a denial of service (out-of-bounds read and system crash) via a large counter value in an 0x62430028 IOCTL call.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9569" target="_blank">CVE-2016-9569</a><br /><a href="https://labs.nettitude.com/blog/carbon-black-security-advisories-cve-2016-9570-cve-2016-9568-and-cve-2016-9569/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite</td><td style="text-align: left;">CCN-lite 2.0.0 Beta allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact because the ccnl_ndntlv_prependBlob function in ccnl-pkt-ndntlv.c can be called with wrong arguments. Specifically, there is an incorrect integer data type causing a negative third argument in some cases of crafted TLV data with inconsistent length information.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7039" target="_blank">CVE-2018-7039</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/191" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite</td><td style="text-align: left;">In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a buffer overflow, when writing a prefix to the buffer buf. The maximal size of the prefix is CCNL_MAX_PREFIX_SIZE; the buffer has the size CCNL_MAX_PREFIX_SIZE. However, when NFN is enabled, additional characters are written to the buffer (e.g., the "NFN" and "R2C" tags). Therefore, sending an NFN-R2C packet with a prefix of size CCNL_MAX_PREFIX_SIZE can cause an overflow of buf inside ccnl_prefix_to_str_detailed.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6948" target="_blank">CVE-2018-6948</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/193" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite</td><td style="text-align: left;">In CCN-lite 2, the Parser of NDNTLV does not verify whether a certain component's length field matches the actual component length, which has a resultant buffer overflow and out-of-bounds memory accesses.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6953" target="_blank">CVE-2018-6953</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/195" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cloudme -- cloudme</td><td style="text-align: left;">An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6892" target="_blank">CVE-2018-6892</a><br /><a href="https://blogs.securiteam.com/index.php/archives/3669" target="_blank">MISC</a><br /><a href="https://www.exploit-db.com/exploits/44027/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cups -- cups</td><td style="text-align: left;">A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is often resolved via a DNS server (neither the OS nor the web browser is responsible for ensuring that localhost.localdomain is 127.0.0.1).</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18190" target="_blank">CVE-2017-18190</a><br /><a href="https://bugs.chromium.org/p/project-zero/issues/detail?id=1048" target="_blank">MISC</a><br /><a href="https://github.com/apple/cups/commit/afa80cb2b457bf8d64f775bed307588610476c41" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">dayrui -- finecms</td><td style="text-align: left;">controllers/member/Api.php in dayrui FineCms 5.2.0 has SQL Injection: a request with s=member,c=api,m=checktitle, and the parameter 'module' with a SQL statement, lacks effective filtering.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6893" target="_blank">CVE-2018-6893</a><br /><a href="https://xianzhi.aliyun.com/forum/topic/2050" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">dedecms -- dedecms</td><td style="text-align: left;">DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6910" target="_blank">CVE-2018-6910</a><br /><a href="https://github.com/kongxin520/DedeCMS/blob/master/DedeCMS_5.7_Bug.md" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">dell -- emc_supportassist_enterprise</td><td style="text-align: left;">Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named "OMEAdapterUser" with a default password as part of the installation process. This unnecessary user account also remains even after an upgrade from v1.1 to v1.2. Access to the management console can be achieved by someone with knowledge of the default password. If SupportAssist Enterprise is installed on a server running OpenManage Essentials (OME), the OmeAdapterUser user account is added as a member of the OmeAdministrators group for the OME. An unauthorized person with knowledge of the default password and access to the OME web console could potentially use this account to gain access to the affected installation of OME with OmeAdministrators privileges. This is fixed in version 1.2.1.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1214" target="_blank">CVE-2018-1214</a><br /><a href="http://www.dell.com/support/article/us/en/04/sln308843/dell-emc-supportassist-enterprise-server-storage-networking-undocumented-default-account-vulnerability" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ember.js -- ember.js</td><td style="text-align: left;">Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, 1.3.x before 1.3.1, and 1.4.x before 1.4.0-beta.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging an application using the "{{group}}" Helper and a crafted payload.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0014" target="_blank">CVE-2014-0014</a><br /><a href="http://emberjs.com/blog/2014/01/14/ember-security-releases.html" target="_blank">CONFIRM</a><br /><a href="https://groups.google.com/forum/#%21topic/ember-security/PSE4RzTi6l4" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ember.js -- ember.js</td><td style="text-align: left;">Ember.js 1.0.x before 1.0.1, 1.1.x before 1.1.3, 1.2.x before 1.2.1, 1.3.x before 1.3.1, and 1.4.x before 1.4.0-beta.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging an application that contains templates whose context is set to a user-supplied primitive value and also contain the `{{this}}` special Handlebars variable.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0013" target="_blank">CVE-2014-0013</a><br /><a href="http://emberjs.com/blog/2014/01/14/ember-security-releases.html" target="_blank">CONFIRM</a><br /><a href="https://groups.google.com/forum/#%21topic/ember-security/2kpXXCxISS4" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">empirecms -- empirecms</td><td style="text-align: left;">EmpireCMS 6.6 allows remote attackers to discover the full path via an array value for a parameter to admin/tool/ShowPic.php.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6881" target="_blank">CVE-2018-6881</a><br /><a href="https://github.com/kongxin520/EmpireCMS/blob/master/EmpireCMS.md" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">empirecms -- empirecms</td><td style="text-align: left;">EmpireCMS 6.6 through 7.2 allows remote attackers to discover the full path via an array value for a parameter to class/connect.php.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6880" target="_blank">CVE-2018-6880</a><br /><a href="https://github.com/kongxin520/EmpireCMS/blob/master/EmpireCMS.md" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">exiv2 -- exiv2</td><td style="text-align: left;">In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17722" target="_blank">CVE-2017-17722</a><br /><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1524116" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">exiv2 -- exiv2</td><td style="text-align: left;">In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, which is an invalid memory address dereference.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17725" target="_blank">CVE-2017-17725</a><br /><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1525055" target="_blank">MISC</a><br /><a href="https://github.com/Exiv2/exiv2/issues/188" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">exiv2 -- exiv2</td><td style="text-align: left;">In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17724" target="_blank">CVE-2017-17724</a><br /><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1524107" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">exiv2 -- exiv2</td><td style="text-align: left;">In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of service via a crafted TIFF file.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17723" target="_blank">CVE-2017-17723</a><br /><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1524104" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">f-secure -- radar</td><td style="text-align: left;">F-Secure Radar (on-premises) before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6189" target="_blank">CVE-2018-6189</a><br /><a href="http://oscarhjelm.com/blag/2018/02/f-secure-radar-persistent-cross-site-scripting-vulnerability/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">f-secure -- radar</td><td style="text-align: left;">F-Secure Radar (on-premises) before 2018-02-15 has an Unvalidated Redirect via the ReturnUrl parameter that triggers upon a user login.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6324" target="_blank">CVE-2018-6324</a><br /><a href="http://oscarhjelm.com/blag/2018/02/f-secure-radar-login-page-unvalidated-redirect-vulnerability/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ffmpeg -- ffmpeg</td><td style="text-align: left;">The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6912" target="_blank">CVE-2018-6912</a><br /><a href="https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/76cc0f0f673353cd4746cd3b83838ae335e5d9ed" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">freetype -- freetype</td><td style="text-align: left;">An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6942" target="_blank">CVE-2018-6942</a><br /><a href="https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736" target="_blank">MISC</a><br /><a href="https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">frontaccounting -- frontaccounting</td><td style="text-align: left;">FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding a user account via admin/users.php (aka the "add user" feature of the User Permissions page).</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7176" target="_blank">CVE-2018-7176</a><br /><a href="https://securitywarrior9.blogspot.in/2018/02/cross-site-request-forgery-front.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">gnome -- librsvg</td><td style="text-align: left;">GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000041" target="_blank">CVE-2018-1000041</a><br /><a href="https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea" target="_blank">CONFIRM</a><br /><a href="https://github.com/ImageMagick/librsvg/commit/f9d69eadd2b16b00d1a1f9f286122123f8e547dd" target="_blank">CONFIRM</a><br /><a href="https://lists.debian.org/debian-lts-announce/2018/02/msg00013.html" target="_blank">MLIST</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">gnu -- gnu</td><td style="text-align: left;">An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6951" target="_blank">CVE-2018-6951</a><br /><a href="http://www.securityfocus.com/bid/103044" target="_blank">BID</a><br /><a href="https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a" target="_blank">MISC</a><br /><a href="https://savannah.gnu.org/bugs/index.php?53132" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">gnu -- gnu</td><td style="text-align: left;">A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6952" target="_blank">CVE-2018-6952</a><br /><a href="http://www.securityfocus.com/bid/103047" target="_blank">BID</a><br /><a href="https://savannah.gnu.org/bugs/index.php?53133" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">gnu -- gnu</td><td style="text-align: left;">An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10713" target="_blank">CVE-2016-10713</a><br /><a href="https://git.savannah.gnu.org/cgit/patch.git/commit/src/pch.c?id=a0d7fe4589651c64bd16ddaaa634030bb0455866" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">gnu_binutils -- gnu_binutils</td><td style="text-align: left;">In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7208" target="_blank">CVE-2018-7208</a><br /><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22741" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">go -- go</td><td style="text-align: left;">The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path (get/vcs.go only checks for "://" anywhere in the string), which allows remote attackers to execute arbitrary OS commands via a crafted web site.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7187" target="_blank">CVE-2018-7187</a><br /><a href="https://github.com/golang/go/issues/23867" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69478425.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13228" target="_blank">CVE-2017-13228</a><br /><a href="http://www.securityfocus.com/bid/102976" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">In DLSParser of the sonivox library, there is possible resource exhaustion due to a memory leak. This could lead to remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68159767.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13234" target="_blank">CVE-2017-13234</a><br /><a href="http://www.securityfocus.com/bid/102976" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">In hevc codec, there is an out-of-bounds write due to an incorrect bounds check with the i2_pic_width_in_luma_samples value. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65483665.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13230" target="_blank">CVE-2017-13230</a><br /><a href="http://www.securityfocus.com/bid/102976" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">A remote code execution vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68160703.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13229" target="_blank">CVE-2017-13229</a><br /><a href="http://www.securityfocus.com/bid/103016" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/pixel/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">In libmediadrm, there is an out-of-bounds write due to improper input validation. This could lead to local elevation of privileges with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-67962232.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13231" target="_blank">CVE-2017-13231</a><br /><a href="http://www.securityfocus.com/bid/102976" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">In audioserver, there is an out-of-bounds write due to a log statement using %s with an array that may not be NULL terminated. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-68953950.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13232" target="_blank">CVE-2017-13232</a><br /><a href="http://www.securityfocus.com/bid/102976" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">In the Pixel 2 bootloader, there is a missing permission check which bypasses carrier bootloader lock. This could lead to local elevation of privileges with user execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-71486645.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13247" target="_blank">CVE-2017-13247</a><br /><a href="http://www.securityfocus.com/bid/103027" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">A information disclosure vulnerability in the Android framework (crypto framework). Product: Android. Versions: 8.0, 8.1. ID: A-68694819.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13240" target="_blank">CVE-2017-13240</a><br /><a href="http://www.securityfocus.com/bid/103011" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/pixel/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">In xt_qtaguid.c, there is a race condition due to insufficient locking. This could lead to local elevation of privileges with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-65853158.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13273" target="_blank">CVE-2017-13273</a><br /><a href="https://source.android.com/security/bulletin/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">A information disclosure vulnerability in the Android media framework (libstagefright_soft_avcenc). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-69065651.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13241" target="_blank">CVE-2017-13241</a><br /><a href="http://www.securityfocus.com/bid/103017" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/pixel/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">A elevation of privilege vulnerability in the Upstream kernel audio driver. Product: Android. Versions: Android kernel. ID: A-64315347.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13245" target="_blank">CVE-2017-13245</a><br /><a href="http://www.securityfocus.com/bid/103008" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/pixel/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-62672248.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13242" target="_blank">CVE-2017-13242</a><br /><a href="http://www.securityfocus.com/bid/103014" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/pixel/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">A information disclosure vulnerability in the Android framework (ui framework). Product: Android. Versions: 8.0. ID: A-66244132.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13239" target="_blank">CVE-2017-13239</a><br /><a href="http://www.securityfocus.com/bid/103012" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/pixel/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">A elevation of privilege vulnerability in the Upstream kernel easel. Product: Android. Versions: Android kernel. ID: A-62678986.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13244" target="_blank">CVE-2017-13244</a><br /><a href="http://www.securityfocus.com/bid/103008" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/pixel/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13243" target="_blank">CVE-2017-13243</a><br /><a href="http://www.securityfocus.com/bid/103013" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/pixel/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68342866.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13235" target="_blank">CVE-2017-13235</a><br /><a href="https://source.android.com/security/bulletin/pixel/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">In the KeyStore service, there is a permissions bypass that allows access to protected resources. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-68217699.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13236" target="_blank">CVE-2017-13236</a><br /><a href="http://www.securityfocus.com/bid/102979" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/2018-02-01" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/43996/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">In ihevcd_ctb_boundary_strength_pbslice of libhevc, there is possible resource exhaustion. This could lead to a remote temporary denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-62851602.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13233" target="_blank">CVE-2017-13233</a><br /><a href="http://www.securityfocus.com/bid/102976" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">In XBLRamDump mode, there is a debug feature that can be used to dump memory contents, if an attacker has physical access to the device. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-64610940.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13238" target="_blank">CVE-2017-13238</a><br /><a href="http://www.securityfocus.com/bid/103024" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android</td><td style="text-align: left;">A information disclosure vulnerability in the Upstream kernel network driver. Product: Android. Versions: Android kernel. ID: A-36279469.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-13246" target="_blank">CVE-2017-13246</a><br /><a href="http://www.securityfocus.com/bid/103029" target="_blank">BID</a><br /><a href="https://source.android.com/security/bulletin/pixel/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- 2620_series_network_switches</td><td style="text-align: left;">A Remote Cross Site Request Forgery (CSRF) vulnerability in HPE 2620 Series Network Switches version RA.15.05.0006 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5796" target="_blank">CVE-2017-5796</a><br /><a href="http://www.securityfocus.com/bid/96813" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03711en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- aruba_airwave_glass</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8946" target="_blank">CVE-2017-8946</a><br /><a href="http://www.securityfocus.com/bid/98644" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03751en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- aruba_clearpass_policy_manager</td><td style="text-align: left;">A reflected cross site scripting vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5827" target="_blank">CVE-2017-5827</a><br /><a href="http://www.securityfocus.com/bid/98722" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03730en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- aruba_clearpass_policy_manager</td><td style="text-align: left;">An arbitrary command execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5828" target="_blank">CVE-2017-5828</a><br /><a href="http://www.securityfocus.com/bid/98722" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03730en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- aruba_clearpass_policy_manager</td><td style="text-align: left;">An authenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5826" target="_blank">CVE-2017-5826</a><br /><a href="http://www.securityfocus.com/bid/98722" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03730en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- aruba_clearpass_policy_manager</td><td style="text-align: left;">An unauthenticated remote code execution vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5824" target="_blank">CVE-2017-5824</a><br /><a href="http://www.securityfocus.com/bid/98722" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03730en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- aruba_clearpass_policy_manager</td><td style="text-align: left;">A privilege escalation vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5825" target="_blank">CVE-2017-5825</a><br /><a href="http://www.securityfocus.com/bid/98722" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03730en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- aruba_clearpass_policy_manager</td><td style="text-align: left;">An access restriction bypass vulnerability in HPE Aruba ClearPass Policy Manager version 6.6.x was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5829" target="_blank">CVE-2017-5829</a><br /><a href="http://www.securityfocus.com/bid/98722" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03730en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- cloud_optimizer</td><td style="text-align: left;">A Remote Disclosure of Information vulnerability in HPE Cloud Optimizer version v3.0x was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8944" target="_blank">CVE-2017-8944</a><br /><a href="http://www.securityfocus.com/bid/98558" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03748en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- data_protector</td><td style="text-align: left;">A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5809" target="_blank">CVE-2017-5809</a><br /><a href="http://www.securityfocus.com/bid/100088" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03732en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- data_protector</td><td style="text-align: left;">A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5807" target="_blank">CVE-2017-5807</a><br /><a href="http://www.securityfocus.com/bid/100088" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03732en_us" target="_blank">CONFIRM</a><br /><a href="https://www.tenable.com/security/research/tra-2017-26" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- data_protector</td><td style="text-align: left;">A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5808" target="_blank">CVE-2017-5808</a><br /><a href="http://www.securityfocus.com/bid/100088" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03732en_us" target="_blank">CONFIRM</a><br /><a href="https://www.tenable.com/security/research/tra-2017-26" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- diagnostics</td><td style="text-align: left;">A Remote click jacking vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8521" target="_blank">CVE-2016-8521</a><br /><a href="http://www.securityfocus.com/bid/95427" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1037602" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05370100" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- diagnostics</td><td style="text-align: left;">A cross-site scripting vulnerability in HPE Diagnostics version 9.24 IP1, 9.26 , 9.26IP1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8522" target="_blank">CVE-2016-8522</a><br /><a href="http://www.securityfocus.com/bid/95427" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1037602" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05370100" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- helion_eucalyptus</td><td style="text-align: left;">A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8528" target="_blank">CVE-2016-8528</a><br /><a href="http://www.securityfocus.com/bid/95910" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1037757" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- helion_eucalyptus</td><td style="text-align: left;">HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8520" target="_blank">CVE-2016-8520</a><br /><a href="http://www.securityfocus.com/bid/95369" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- icewall_federation_agent</td><td style="text-align: left;">A Remote Unauthorized Disclosure of Information vulnerability in HPE IceWall Federation Agent version 3.0 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8945" target="_blank">CVE-2017-8945</a><br /><a href="http://www.securityfocus.com/bid/98711" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038570" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03737en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- icewall_products</td><td style="text-align: left;">A Remote Unauthorized Disclosure of Information vulnerability in HPE IceWall Products version MFA 4.0 proxy was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8978" target="_blank">CVE-2017-8978</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03806en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- insight_control</td><td style="text-align: left;">An improper input validation vulnerability in HPE Insight Control version 7.6 LR1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8969" target="_blank">CVE-2017-8969</a><br /><a href="http://www.securityfocus.com/bid/101883" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03794en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- integrated_lights-out</td><td style="text-align: left;">Security vulnerabilities in the HPE Integrated Lights-Out 2 (iLO 2) firmware could be exploited remotely to allow authentication bypass, code execution, and denial of service.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8979" target="_blank">CVE-2017-8979</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03797en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- integrated_lights-out</td><td style="text-align: left;">A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12542" target="_blank">CVE-2017-12542</a><br /><a href="http://www.securityfocus.com/bid/100467" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039222" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03769en_us" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/44005/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12492" target="_blank">CVE-2017-12492</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12527" target="_blank">CVE-2017-12527</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12501" target="_blank">CVE-2017-12501</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12536" target="_blank">CVE-2017-12536</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12499" target="_blank">CVE-2017-12499</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12539" target="_blank">CVE-2017-12539</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8964" target="_blank">CVE-2017-8964</a><br /><a href="http://www.securitytracker.com/id/1039684" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12560" target="_blank">CVE-2017-12560</a><br /><a href="http://www.securitytracker.com/id/1039495" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03777en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT version Plat 7.3 E0504P4 and earlier was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12561" target="_blank">CVE-2017-12561</a><br /><a href="http://www.securitytracker.com/id/1039495" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03781en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12540" target="_blank">CVE-2017-12540</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12537" target="_blank">CVE-2017-12537</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A remote arbitrary file download and disclosure of information vulnerability in HPE Intelligent Management Center (iMC) Service Operation Management (SOM) version IMC SOM 7.3 E0501 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12555" target="_blank">CVE-2017-12555</a><br /><a href="http://www.securitytracker.com/id/1039496" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03776en_us" target="_blank">CONFIRM</a><br /><a href="https://www.tenable.com/security/research/tra-2017-27" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT iMC Plat 7.3 E0504P2 and earlier was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12554" target="_blank">CVE-2017-12554</a><br /><a href="http://www.securitytracker.com/id/1039495" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03782en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12558" target="_blank">CVE-2017-12558</a><br /><a href="http://www.securityfocus.com/bid/101152" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039495" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03778en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12522" target="_blank">CVE-2017-12522</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12490" target="_blank">CVE-2017-12490</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A remote code execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506P03 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8984" target="_blank">CVE-2017-8984</a><br /><a href="http://www.securityfocus.com/bid/102922" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03811en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12557" target="_blank">CVE-2017-12557</a><br /><a href="http://www.securityfocus.com/bid/101152" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039495" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03778en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC Plat 7.3 E0504P2 and earlier was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12556" target="_blank">CVE-2017-12556</a><br /><a href="http://www.securityfocus.com/bid/101152" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039495" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03778en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12513" target="_blank">CVE-2017-12513</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12514" target="_blank">CVE-2017-12514</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12541" target="_blank">CVE-2017-12541</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12535" target="_blank">CVE-2017-12535</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8963" target="_blank">CVE-2017-8963</a><br /><a href="http://www.securitytracker.com/id/1039684" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12526" target="_blank">CVE-2017-12526</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12515" target="_blank">CVE-2017-12515</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12532" target="_blank">CVE-2017-12532</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Disclosure of Information vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8525" target="_blank">CVE-2016-8525</a><br /><a href="http://www.securityfocus.com/bid/95912" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1037756" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382418" target="_blank">CONFIRM</a><br /><a href="https://www.tenable.com/security/research/tra-2017-09" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12533" target="_blank">CVE-2017-12533</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5817" target="_blank">CVE-2017-5817</a><br /><a href="http://www.securitytracker.com/id/1038478" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03745en_us" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/43195/" target="_blank">EXPLOIT-DB</a><br /><a href="https://www.exploit-db.com/exploits/43492/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A directory traversal vulnerability in HPE Intelligent Management Center (IMC) PLAT 7.3 E0504P02 could allow remote code execution.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8961" target="_blank">CVE-2017-8961</a><br /><a href="http://www.securitytracker.com/id/1039702" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03788en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12525" target="_blank">CVE-2017-12525</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P4 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8983" target="_blank">CVE-2017-8983</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03808en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12531" target="_blank">CVE-2017-12531</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12530" target="_blank">CVE-2017-12530</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12528" target="_blank">CVE-2017-12528</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12538" target="_blank">CVE-2017-12538</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8962" target="_blank">CVE-2017-8962</a><br /><a href="http://www.securitytracker.com/id/1039684" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12521" target="_blank">CVE-2017-12521</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8967" target="_blank">CVE-2017-8967</a><br /><a href="http://www.securitytracker.com/id/1039684" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12529" target="_blank">CVE-2017-12529</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12524" target="_blank">CVE-2017-12524</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12517" target="_blank">CVE-2017-12517</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12516" target="_blank">CVE-2017-12516</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12534" target="_blank">CVE-2017-12534</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12520" target="_blank">CVE-2017-12520</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12519" target="_blank">CVE-2017-12519</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12518" target="_blank">CVE-2017-12518</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12523" target="_blank">CVE-2017-12523</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8965" target="_blank">CVE-2017-8965</a><br /><a href="http://www.securitytracker.com/id/1039684" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12506" target="_blank">CVE-2017-12506</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12508" target="_blank">CVE-2017-12508</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8956" target="_blank">CVE-2017-8956</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03745en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Denial of Service vulnerability in HPE Intelligent Management Center (iMC) PLAT version iMC Plat 7.3 E0504P2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12559" target="_blank">CVE-2017-12559</a><br /><a href="http://www.securitytracker.com/id/1039495" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03777en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Local Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) version PLAT 7.2 E0403P06 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5795" target="_blank">CVE-2017-5795</a><br /><a href="http://www.securityfocus.com/bid/96773" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03714en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12509" target="_blank">CVE-2017-12509</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5815" target="_blank">CVE-2017-5815</a><br /><a href="http://www.securitytracker.com/id/1038472" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03743en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12491" target="_blank">CVE-2017-12491</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12487" target="_blank">CVE-2017-12487</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8955" target="_blank">CVE-2017-8955</a><br /><a href="http://www.securityfocus.com/bid/99925" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03764en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5818" target="_blank">CVE-2017-5818</a><br /><a href="http://www.securitytracker.com/id/1038478" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03745en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8957" target="_blank">CVE-2017-8957</a><br /><a href="http://www.securityfocus.com/bid/99925" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03764en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12510" target="_blank">CVE-2017-12510</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12504" target="_blank">CVE-2017-12504</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12489" target="_blank">CVE-2017-12489</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5823" target="_blank">CVE-2017-5823</a><br /><a href="http://www.securitytracker.com/id/1038560" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03746en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12503" target="_blank">CVE-2017-12503</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Authentication Restriction Bypass vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P4 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8982" target="_blank">CVE-2017-8982</a><br /><a href="http://www.securitytracker.com/id/1040283" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03809en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5820" target="_blank">CVE-2017-5820</a><br /><a href="http://www.securitytracker.com/id/1038560" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03746en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12512" target="_blank">CVE-2017-12512</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5819" target="_blank">CVE-2017-5819</a><br /><a href="http://www.securitytracker.com/id/1038478" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03745en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8954" target="_blank">CVE-2017-8954</a><br /><a href="http://www.securityfocus.com/bid/99925" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03764en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12507" target="_blank">CVE-2017-12507</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5821" target="_blank">CVE-2017-5821</a><br /><a href="http://www.securitytracker.com/id/1038560" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03746en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12495" target="_blank">CVE-2017-12495</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12511" target="_blank">CVE-2017-12511</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12500" target="_blank">CVE-2017-12500</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12488" target="_blank">CVE-2017-12488</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5816" target="_blank">CVE-2017-5816</a><br /><a href="http://www.securityfocus.com/bid/100470" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038478" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03745en_us" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/43198/" target="_blank">EXPLOIT-DB</a><br /><a href="https://www.exploit-db.com/exploits/43493/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Arbitrary File Download vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5794" target="_blank">CVE-2017-5794</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03715en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 and earlier was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8958" target="_blank">CVE-2017-8958</a><br /><a href="http://www.securityfocus.com/bid/101202" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03786en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12496" target="_blank">CVE-2017-12496</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12502" target="_blank">CVE-2017-12502</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8981" target="_blank">CVE-2017-8981</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03813en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12505" target="_blank">CVE-2017-12505</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5822" target="_blank">CVE-2017-5822</a><br /><a href="http://www.securitytracker.com/id/1038560" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03746en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12497" target="_blank">CVE-2017-12497</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12498" target="_blank">CVE-2017-12498</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Disclosure of Information vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8980" target="_blank">CVE-2017-8980</a><br /><a href="http://www.securityfocus.com/bid/102925" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03810en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8966" target="_blank">CVE-2017-8966</a><br /><a href="http://www.securitytracker.com/id/1039684" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03787en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5805" target="_blank">CVE-2017-5805</a><br /><a href="http://www.securityfocus.com/bid/98088" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038377" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03738en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5792" target="_blank">CVE-2017-5792</a><br /><a href="http://www.securityfocus.com/bid/96769" target="_blank">BID</a><br /><a href="https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&amp;docId=emr_na-hpesbhf03713en_us" target="_blank">CONFIRM</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03815en_us" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/43927/" target="_blank">EXPLOIT-DB</a><br /><a href="https://www.tenable.com/security/research/tra-2017-18" target="_blank">MISC</a><br /><a href="https://www.tenable.com/security/research/tra-2018-01" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5804" target="_blank">CVE-2017-5804</a><br /><a href="http://www.securityfocus.com/bid/98088" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038377" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03738en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12493" target="_blank">CVE-2017-12493</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5790" target="_blank">CVE-2017-5790</a><br /><a href="http://www.securityfocus.com/bid/96755" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03710en_us" target="_blank">CONFIRM</a><br /><a href="https://www.tenable.com/security/research/tra-2017-12" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8530" target="_blank">CVE-2016-8530</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382418" target="_blank">CONFIRM</a><br /><a href="https://www.tenable.com/security/research/tra-2017-09" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5806" target="_blank">CVE-2017-5806</a><br /><a href="http://www.securityfocus.com/bid/98088" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038377" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03738en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Arbitrary Code Execution vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5793" target="_blank">CVE-2017-5793</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03717en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12494" target="_blank">CVE-2017-12494</a><br /><a href="http://www.securityfocus.com/bid/100367" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039152" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- intelligent_management_center_plat</td><td style="text-align: left;">A Remote Unauthenticated Disclosure of Information vulnerability in HPE Intelligent Management Center (IMC) SOM version v7.3 (E0501) was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5797" target="_blank">CVE-2017-5797</a><br /><a href="http://www.securityfocus.com/bid/97214" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03719en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- loadrunner</td><td style="text-align: left;">A Remote Cross-Site Scripting (XSS) vulnerability in HPE LoadRunner v12.53 and earlier and HPE Performance Center version v12.53 and earlier was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8953" target="_blank">CVE-2017-8953</a><br /><a href="http://www.securitytracker.com/id/1038867" target="_blank">SECTRACK</a><br /><a href="http://www.securitytracker.com/id/1038868" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03764en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- loadrunner_and_performance_center</td><td style="text-align: left;">A Remote Code Execution vulnerability in all versions of HPE LoadRunner and Performance Center was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8512" target="_blank">CVE-2016-8512</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05354136" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A missing HSTS Header vulnerability in HPE Matrix Operating Environment version v7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5784" target="_blank">CVE-2017-5784</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A remote priviledge escalation vulnerability in HPE Matrix Operating Environment version 7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8533" target="_blank">CVE-2016-8533</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A remote information disclosure vulnerability in HPE Matrix Operating Environment version 7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8531" target="_blank">CVE-2016-8531</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A remote unauthenticated disclosure of information vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8970" target="_blank">CVE-2017-8970</a><br /><a href="http://www.securityfocus.com/bid/101938" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03795en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A remote information disclosure vulnerability in HPE Matrix Operating Environment version v7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5785" target="_blank">CVE-2017-5785</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A remote HTTP parameter Pollution vulnerability in HPE Matrix Operating Environment version 7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8535" target="_blank">CVE-2016-8535</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A remote privilege elevation vulnerability in HPE Matrix Operating Environment version 7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8534" target="_blank">CVE-2016-8534</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A cross site scripting vulnerability in HPE Matrix Operating Environment version 7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8532" target="_blank">CVE-2016-8532</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A remote clickjacking vulnerability in HPE Matrix Operating Environment version v7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5780" target="_blank">CVE-2017-5780</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A clickjacking vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8972" target="_blank">CVE-2017-8972</a><br /><a href="http://www.securityfocus.com/bid/101938" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03795en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A missing HSTS Header vulnerability in HPE Matrix Operating Environment version v7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5782" target="_blank">CVE-2017-5782</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A CSRF vulnerability in HPE Matrix Operating Environment version v7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5781" target="_blank">CVE-2017-5781</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A clickjacking vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8971" target="_blank">CVE-2017-8971</a><br /><a href="http://www.securityfocus.com/bid/101938" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03795en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">A remote clickjacking vulnerability in HPE Matrix Operating Environment version v7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5783" target="_blank">CVE-2017-5783</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05385680" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- matrix_operating_environment</td><td style="text-align: left;">An improper input validation vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8973" target="_blank">CVE-2017-8973</a><br /><a href="http://www.securityfocus.com/bid/101938" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03795en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- moonshot_provisioning_manager_appliance</td><td style="text-align: left;">A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8976" target="_blank">CVE-2017-8976</a><br /><a href="http://www.securityfocus.com/bid/102410" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03803en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- moonshot_provisioning_manager_appliance</td><td style="text-align: left;">A Remote Denial of Service vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8977" target="_blank">CVE-2017-8977</a><br /><a href="http://www.securityfocus.com/bid/102410" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03803en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- moonshot_provisioning_manager_appliance</td><td style="text-align: left;">A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8975" target="_blank">CVE-2017-8975</a><br /><a href="http://www.securityfocus.com/bid/102410" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03803en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- moonshot_remote_console_administrator</td><td style="text-align: left;">A remote disclosure of information vulnerability in Moonshot Remote Console Administrator Prior to 2.50, iLO4 prior to v2.53, iLO3 prior to v1.89 and iLO2 prior to v2.30 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12543" target="_blank">CVE-2017-12543</a><br /><a href="http://www.securityfocus.com/bid/101944" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03705en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- msa_1040_and_msa_2040_san_storage</td><td style="text-align: left;">An Authentication Bypass vulnerability in HPE MSA 1040 and HPE MSA 2040 SAN Storage in version GL220P008 and earlier and was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8959" target="_blank">CVE-2017-8959</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbst03780en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- msa_1040_and_msa_2040_san_storage</td><td style="text-align: left;">An Authentication Bypass vulnerability in HPE MSA 1040 and MSA 2040 SAN Storage IN version GL220P008 and earlier was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8960" target="_blank">CVE-2017-8960</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbst03780en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- network_automation</td><td style="text-align: left;">A remote code execution vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5811" target="_blank">CVE-2017-5811</a><br /><a href="http://www.securityfocus.com/bid/98331" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038407" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- network_automation</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java Deserialization version v9.1x, v9.2x, v10.00, v10.00.01, v10.00.02, v10.10, v10.11, v10.11.01, v10.20 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8511" target="_blank">CVE-2016-8511</a><br /><a href="http://www.securityfocus.com/bid/94610" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05344849" target="_blank">CONFIRM</a><br /><a href="https://www.tenable.com/security/research/tra-2016-39" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- network_automation</td><td style="text-align: left;">A remote sql injection vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5810" target="_blank">CVE-2017-5810</a><br /><a href="http://www.securityfocus.com/bid/98331" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038407" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- network_automation</td><td style="text-align: left;">A remote unauthenticated access vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5813" target="_blank">CVE-2017-5813</a><br /><a href="http://www.securityfocus.com/bid/98331" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038407" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- network_automation</td><td style="text-align: left;">A remote sql information disclosure vulnerability in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5812" target="_blank">CVE-2017-5812</a><br /><a href="http://www.securityfocus.com/bid/98331" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038407" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- network_automation</td><td style="text-align: left;">A remote sql injection authentication bypass in HPE Network Automation version 9.1x, 9.2x, 10.0x, 10.1x and 10.2x were found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5814" target="_blank">CVE-2017-5814</a><br /><a href="http://www.securityfocus.com/bid/98331" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038407" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03740en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- network_node_manager_i</td><td style="text-align: left;">A Remote Bypass Security Restriction vulnerability in HPE Network Node Manager i (NNMi) Software versions v10.0x, v10.1x, v10.2x was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8948" target="_blank">CVE-2017-8948</a><br /><a href="http://www.securityfocus.com/bid/99342" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03762en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- nonstop_servers</td><td style="text-align: left;">A Local Authentication Restriction Bypass vulnerability in HPE NonStop Server version L-Series: T6533L01 through T6533L01^ADN; J-Series and H-series: T6533H02 through T6533H04^ADF and T6533H05 through T6533H05^ADL was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8974" target="_blank">CVE-2017-8974</a><br /><a href="http://www.securityfocus.com/bid/102530" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbns03804en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- nonstop_servers</td><td style="text-align: left;">A Remote Disclosure of Information vulnerability in HPE NonStop Servers using SSH Service version L series: T0801L02 through T0801L02^ABX; J and H series: T0801H01 through T0801H01^ACA was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5803" target="_blank">CVE-2017-5803</a><br /><a href="http://www.securityfocus.com/bid/98052" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038370" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbns03735en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- nonstop_software_essentials</td><td style="text-align: left;">A Local Disclosure of Sensitive Information vulnerability in HPE NonStop Software Essentials version T0894 T0894H02 through T0894H02^AAI was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5788" target="_blank">CVE-2017-5788</a><br /><a href="http://www.securitytracker.com/id/1038026" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbns03708en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- officeconnect_network_switches</td><td style="text-align: left;">A local Unauthorized Data Modification vulnerability in HPE OfficeConnect Network Switches version PT.02.01 including PT.01.03 through PT.01.14</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5786" target="_blank">CVE-2017-5786</a><br /><a href="http://www.securityfocus.com/bid/96149" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05388948" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- opencall_media_platform</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x).</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5799" target="_blank">CVE-2017-5799</a><br /><a href="http://www.securityfocus.com/bid/98013" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03686en_us" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/41927/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- opencall_media_platform</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x).</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5798" target="_blank">CVE-2017-5798</a><br /><a href="http://www.securityfocus.com/bid/98013" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03686en_us" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/41927/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- operations_bridge_analytics</td><td style="text-align: left;">A Remote Unauthorized Access to Data vulnerability in HPE Business Process Monitor version v09.2x, v09.30 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5801" target="_blank">CVE-2017-5801</a><br /><a href="http://www.securityfocus.com/bid/97386" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038176" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03727en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- operations_bridge_analytics</td><td style="text-align: left;">A Remote Cross-Site Scripting (XSS) vulnerability in HPE Operations Bridge Analytics version v3.0 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5800" target="_blank">CVE-2017-5800</a><br /><a href="http://www.securityfocus.com/bid/97412" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03721en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- operations_orchestration</td><td style="text-align: left;">A remote code execution vulnerability in HPE Operations Orchestration Community edition and Enterprise edition prior to v10.70 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8519" target="_blank">CVE-2016-8519</a><br /><a href="http://www.securityfocus.com/bid/95225" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1037552" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05361944" target="_blank">CONFIRM</a><br /><a href="https://www.tenable.com/security/research/tra-2017-05" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- project_and_portfolio_management</td><td style="text-align: left;">A Remote Cross-Site Scripting vulnerability in HPE Project and Portfolio Management (PPM) version v9.30, v9.31, v9.32, v9.40 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8993" target="_blank">CVE-2017-8993</a><br /><a href="http://www.securityfocus.com/bid/100087" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039065" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03766en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- sitescope</td><td style="text-align: left;">A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8950" target="_blank">CVE-2017-8950</a><br /><a href="http://www.securityfocus.com/bid/99331" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038791" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03763en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- sitescope</td><td style="text-align: left;">A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8949" target="_blank">CVE-2017-8949</a><br /><a href="http://www.securityfocus.com/bid/99331" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038791" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03763en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- sitescope</td><td style="text-align: left;">A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8951" target="_blank">CVE-2017-8951</a><br /><a href="http://www.securityfocus.com/bid/99331" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038791" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03763en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- sitescope</td><td style="text-align: left;">A Disclosure of Sensitive Information vulnerability in HPE SiteScope version v11.2x, v11.3x was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8952" target="_blank">CVE-2017-8952</a><br /><a href="http://www.securityfocus.com/bid/99333" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038791" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03763en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- smart_storage_administrator</td><td style="text-align: left;">A Remote Arbitrary Code Execution vulnerability in HPE Smart Storage Administrator version before v2.60.18.0 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8523" target="_blank">CVE-2016-8523</a><br /><a href="http://www.securityfocus.com/bid/95868" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382349" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/41297/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- storevirtual</td><td style="text-align: left;">A Remote Arbitrary Command Execution vulnerability in HPE StoreVirtual 4000 Storage and StoreVirtual VSA Software running LeftHand OS version v12.5 and earlier was found. The problem was resolved in LeftHand OS v12.6 or any subsequent version.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8529" target="_blank">CVE-2016-8529</a><br /><a href="http://www.securityfocus.com/bid/95970" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1037762" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382958" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- system_management_homepage</td><td style="text-align: left;">A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12545" target="_blank">CVE-2017-12545</a><br /><a href="http://www.securityfocus.com/bid/101029" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039437" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us" target="_blank">CONFIRM</a><br /><a href="https://www.tenable.com/security/research/tra-2017-30" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- system_management_homepage</td><td style="text-align: left;">A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12553" target="_blank">CVE-2017-12553</a><br /><a href="http://www.securityfocus.com/bid/101029" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039437" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- system_management_homepage</td><td style="text-align: left;">A local buffer overflow vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12546" target="_blank">CVE-2017-12546</a><br /><a href="http://www.securityfocus.com/bid/101029" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039437" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- system_management_homepage</td><td style="text-align: left;">A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12547" target="_blank">CVE-2017-12547</a><br /><a href="http://www.securityfocus.com/bid/101029" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039437" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- system_management_homepage</td><td style="text-align: left;">A cross-site scripting vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12544" target="_blank">CVE-2017-12544</a><br /><a href="http://www.securityfocus.com/bid/101029" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039437" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- system_management_homepage</td><td style="text-align: left;">A local security misconfiguration vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12550" target="_blank">CVE-2017-12550</a><br /><a href="http://www.securityfocus.com/bid/101029" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039437" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- system_management_homepage</td><td style="text-align: left;">A local authentication bypass vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12549" target="_blank">CVE-2017-12549</a><br /><a href="http://www.securityfocus.com/bid/101029" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039437" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- system_management_homepage</td><td style="text-align: left;">A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12552" target="_blank">CVE-2017-12552</a><br /><a href="http://www.securityfocus.com/bid/101029" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039437" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- system_management_homepage</td><td style="text-align: left;">A local arbitrary execution of commands vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12551" target="_blank">CVE-2017-12551</a><br /><a href="http://www.securityfocus.com/bid/101029" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039437" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- system_management_homepage</td><td style="text-align: left;">A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12548" target="_blank">CVE-2017-12548</a><br /><a href="http://www.securityfocus.com/bid/101029" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039437" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- systems_insight_manager</td><td style="text-align: left;">A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8516" target="_blank">CVE-2016-8516</a><br /><a href="http://www.securitytracker.com/id/1037492" target="_blank">SECTRACK</a><br /><a href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" target="_blank">CONFIRM</a><br /><a href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" target="_blank">CONFIRM</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356388" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- systems_insight_manager<br /> </td><td style="text-align: left;">A cross site scripting vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8517" target="_blank">CVE-2016-8517</a><br /><a href="http://www.securitytracker.com/id/1037492" target="_blank">SECTRACK</a><br /><a href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" target="_blank">CONFIRM</a><br /><a href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" target="_blank">CONFIRM</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356388" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- systems_insight_manager<br /> </td><td style="text-align: left;">A remote denial of service vulnerability in HPE Systems Insight Manager in all versions prior to 7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8518" target="_blank">CVE-2016-8518</a><br /><a href="http://www.securitytracker.com/id/1037492" target="_blank">SECTRACK</a><br /><a href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" target="_blank">CONFIRM</a><br /><a href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" target="_blank">CONFIRM</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356388" target="_blank">CONFIRM</a></td></tr><tr><td>hpe -- ucmdb</td><td style="text-align: left;">A Remote Code Execution vulnerability in HPE UCMDB version v10.10, v10.11, v10.20, v10.21, v10.22, v10.30, v10.31 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8947" target="_blank">CVE-2017-8947</a><br /><a href="http://www.securityfocus.com/bid/98960" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1038643" target="_blank">SECTRACK</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03758en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- version_control_repository_manager</td><td style="text-align: left;">A remote denial of service vulnerability in HPE Version Control Repository Manager (VCRM) in all versions prior to 7.6 was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5787" target="_blank">CVE-2017-5787</a><br /><a href="http://www.securityfocus.com/bid/96395" target="_blank">BID</a><br /><a href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" target="_blank">CONFIRM</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356363" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- version_control_repository_manager</td><td style="text-align: left;">A Cross-Site Request Forgery (CSRF) vulnerability in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8513" target="_blank">CVE-2016-8513</a><br /><a href="http://www.securityfocus.com/bid/94949" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1037485" target="_blank">SECTRACK</a><br /><a href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" target="_blank">CONFIRM</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356363" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- version_control_repository_manager<br /> </td><td style="text-align: left;">A remote information disclosure in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8514" target="_blank">CVE-2016-8514</a><br /><a href="http://www.securityfocus.com/bid/94949" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1037485" target="_blank">SECTRACK</a><br /><a href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" target="_blank">CONFIRM</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356363" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- version_control_repository_manager<br /> </td><td style="text-align: left;">A remote malicious file upload vulnerability in HPE Version Control Repository Manager (VCRM) was found. The problem impacts all versions prior to 7.6.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8515" target="_blank">CVE-2016-8515</a><br /><a href="http://www.securityfocus.com/bid/94949" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1037485" target="_blank">SECTRACK</a><br /><a href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" target="_blank">CONFIRM</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356363" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- vertica_analytics_platform</td><td style="text-align: left;">A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics Platform version v4.1 and later was found.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5802" target="_blank">CVE-2017-5802</a><br /><a href="http://www.securityfocus.com/bid/97706" target="_blank">BID</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03734en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">hpe -- xp_storage</td><td style="text-align: left;">HPE XP Storage using Hitachi Global Link Manager (HGLM) has a local authenticated information disclosure vulnerability in HGLM version HGLM 6.3.0-00 to 8.5.2-00.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-8985" target="_blank">CVE-2017-8985</a><br /><a href="https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03819en_us" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- ar3200_firmware</td><td style="text-align: left;">Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15344" target="_blank">CVE-2017-15344</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-02-sctp-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- ar3200_firmware</td><td style="text-align: left;">Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could system reboot.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15343" target="_blank">CVE-2017-15343</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- cloudengine_12800</td><td style="text-align: left;">Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15349" target="_blank">CVE-2017-15349</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- honor_v9_play_smart_phones</td><td style="text-align: left;">The 'Find Phone' function in Huawei Honor V9 play smart phones with versions earlier than Jimmy-AL00AC00B135 has an authentication bypass vulnerability. Due to improper authentication realization in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass the 'Find Phone' function in order to use the phone normally.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15351" target="_blank">CVE-2017-15351</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-smartphone-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- mate_9_pro_mobile_phones</td><td style="text-align: left;">Huawei Mate 9 Pro mobile phones with software of versions earlier than LON-AL00BC00B235 have a use after free (UAF) vulnerability. An attacker tricks a user into installing a malicious application, and the application can riggers access memory after free it. A local attacker may exploit this vulnerability to cause the mobile phone to crash.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15347" target="_blank">CVE-2017-15347</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-phone-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">The Common Open Policy Service Protocol (COPS) module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10,SVN5800-C V200R003C00, V200R003C10, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3206 V100R002C00, V100R002C10,USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50 haa a buffer overflow vulnerability. An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted message to the affected products. The vulnerability is due to insufficient input validation of the message, which could result in a buffer overflow. Successful exploit may cause some services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15350" target="_blank">CVE-2017-15350</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-buffer-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a out-of-bounds read vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could make the device access invalid memory and might reset a process.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17185" target="_blank">CVE-2017-17185</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could cause an integer overflow and might reset a process.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17183" target="_blank">CVE-2017-17183</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a out-of-bounds read vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could make the device access invalid memory and might reset a process.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17182" target="_blank">CVE-2017-17182</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R005C32, V200R007C00, V200R008C20, V200R008C30, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, NetEngine16EX V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an out-of-bounds read vulnerability due to insufficient input validation. An unauthenticated, remote attacker could exploit this vulnerability by sending malformed Session Initiation Protocol(SIP) packets to the target device. Successful exploit could make the device read out of bounds and thus cause a service to be unavailable.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17202" target="_blank">CVE-2017-17202</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180131-01-sip-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could cause an integer overflow and might reset a process.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17184" target="_blank">CVE-2017-17184</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has an out-of-bounds memory access vulnerability due to insufficient input validation. An attacker could exploit it to craft special packets to trigger out-of-bounds memory access, which may further lead to system exceptions.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17156" target="_blank">CVE-2017-17156</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, TP3206 V100R002C00, VP9660 V500R002C00, V500R002C10 have a resource exhaustion vulnerability. The software does not process certain field of H.323 message properly, a remote unauthenticated attacker could send crafted H.323 message to the device, successful exploit could cause certain service unavailable since the stack memory is exhausted.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17166" target="_blank">CVE-2017-17166</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-02-h323-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. An authenticated, local attacker may craft and load some specific Certificate Revocation List(CRL) configuration files to the devices repeatedly. Due to not release allocated memory properly, successful exploit may result in memory leak and services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17302" target="_blank">CVE-2017-17302</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-memory-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, S2300 V200R003C00, V200R003C00SPC300T, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S2700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S5300 V200R003C00, V200R003C00SPC300T, V200R003C00SPC600, V200R003C02, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R005C05, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S5700 V200R003C00, V200R003C00SPC316T, V200R003C00SPC600, V200R003C02, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S600-E V200R008C00, V200R009C00, S6300 V200R003C00, V200R005C00, V200R007C00, V200R008C00, V200R009C00, S6700 V200R003C00, V200R005C00, V200R005C01, V200R005C02, V200R007C00, V200R008C00, V200R009C00 has an out-of-bounds read vulnerability. An unauthenticated attacker may send crafted malformed IPv6 packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause device to reset.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17165" target="_blank">CVE-2017-17165</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-02-ipv6-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has a DoS vulnerability due to insufficient input validation. An attacker could exploit it to cause unauthorized memory access, which may further lead to system exceptions.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17154" target="_blank">CVE-2017-17154</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C00, V200R009C00, S7700 V200R008C00, V200R009C00, S9700 V200R008C00, V200R009C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain authentication option to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause the affected products to reset.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17300" target="_blank">CVE-2017-17300</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171215-01-router-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, TE60 V600R006C00, TP3106 V100R002C00, eSpace U1981 V200R003C30SPC100 have a denial of service vulnerability. The software does not correctly calculate the rest size in a buffer when handling SSL connections. A remote unauthenticated attacker could send a lot of crafted SSL messages to the device, successful exploit could cause no space in the buffer and then denial of service.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15342" target="_blank">CVE-2017-15342</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ssl-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00 have an out-of-bound read vulnerability. A remote attacker send specially crafted Session Initiation Protocol (SIP) messages to the affected products. Due to insufficient input validation, successful exploit will cause some services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17283" target="_blank">CVE-2017-17283</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-02-sip-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has a memory leak vulnerability due to memory release failure resulted from insufficient input validation. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17153" target="_blank">CVE-2017-17153</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15353" target="_blank">CVE-2017-15353</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15356" target="_blank">CVE-2017-15356</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-02-http-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has an out-of-bounds write vulnerability due to insufficient input validation. An attacker could exploit it to craft special packets to trigger out-of-bounds memory write, which may further lead to system exceptions.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17152" target="_blank">CVE-2017-17152</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR510, DP300, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 8660, and ViewPoint 9030 have an insufficient validation vulnerability. Since packet validation is insufficient, an unauthenticated attacker may send special H323 packets to exploit the vulnerability. Successful exploit could allow the attacker to send malicious packets and result in DOS attacks.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17151" target="_blank">CVE-2017-17151</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-h323-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C05,S5700 V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S6700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C02, V200R008C00, V200R009C00, V200R010C00,S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,eCNS210_TD V100R004C10, V100R004C10SPC003, V100R004C10SPC100, V100R004C10SPC101, V100R004C10SPC102, V100R004C10SPC200, V100R004C10SPC221, V100R004C10SPC400 has a DOS vulnerability. An attacker may craft specific XML files to the affected products. Due to not check the specially XML file and to parse this file, successful exploit will result in DOS attacks.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15346" target="_blank">CVE-2017-15346</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-xml-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00 have a resource management error vulnerability. A remote attacker may send huge number of specially crafted SIP messages to the affected products. Due to improper handling of some value in the messages, successful exploit will cause some services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17284" target="_blank">CVE-2017-17284</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-02-sip-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei Smartphones with software LON-L29DC721B186 have a denial of service vulnerability. An attacker could make an loop exit condition that cannot be reached by sending the crafted 3GPP message. Successful exploit could cause the device to reboot.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15345" target="_blank">CVE-2017-15345</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15355" target="_blank">CVE-2017-15355</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-02-http-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could cause an integer overflow and might reset a process.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17187" target="_blank">CVE-2017-17187</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R005C32, V200R007C00, V200R008C20, V200R008C30, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR2200 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, NetEngine16EX V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an out-of-bound read vulnerability in some Huawei products. Due to insufficient input validation, a remote, unauthenticated attacker may send crafted signature to the affected products. Successful exploit may cause buffer overflow, services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17287" target="_blank">CVE-2017-17287</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-encryption-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300, V500R002C00, RP200, V600R006C00, TE30, V100R001C10, V500R002C00,V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00,V600R006C00, TE60, V100R001C10, V500R002C00, V600R006C00, TX50,V500R002C00, V600R006C00 have a buffer overflow vulnerability. An attacker may send specially crafted HTTP messages to the affected products. Due insufficient input validation of three different parameters in the messages, successful exploit may cause some service abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15354" target="_blank">CVE-2017-15354</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-02-http-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 V500R001C00, NIP6600 V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, USG9500 V500R001C00 have an insufficient input validation vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15348" target="_blank">CVE-2017-15348</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-routers-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei Secospace USG6600 V500R001C30SPC100, Secospace USG6600 V500R001C30SPC200, Secospace USG6600 V500R001C30SPC300, USG9500 V500R001C30SPC100, USG9500 V500R001C30SPC200, USG9500 V500R001C30SPC300 have a memory leak vulnerability due to memory don't be released when an local authenticated attacker execute special commands many times. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17162" target="_blank">CVE-2017-17162</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-02-firewall-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has an out-of-bounds memory access vulnerability due to incompliance with the 4-byte alignment requirement imposed by the MIPS CPU. An attacker could exploit it to cause unauthorized memory access, which may further lead to system exceptions.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17155" target="_blank">CVE-2017-17155</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, MAX PRESENCE V100R001C00, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00, V600R006C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10 have a memory leak vulnerability. An authenticated, local attacker may craft a specific XML file to the affected products. Due to not free the memory to parse the XML file, successful exploit will result in memory leak of the affected products.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17291" target="_blank">CVE-2017-17291</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-06-xml-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, USG9500 V500R001C00, V500R001C20, V500R001C30, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eSpace U1981 V100R001C20, V200R003C00, V200R003C20, V200R003C30 has a buffer overflow vulnerability. An attacker would have to find a way to craft specific messages to the affected products. Due to the insufficient validation for SIP messages, successful exploit may cause services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15337" target="_blank">CVE-2017-15337</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-sip-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00S, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C02, AR3600 V200R006C10, V200R007C00, AR510 V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, IPS Module V500R001C30, NIP6300 V500R001C30, NetEngine16EX V200R006C10, V200R007C00 have an insufficient input validation vulnerability. An unauthenticated, remote attacker may send crafted IKE V2 messages to the affected products. Due to the insufficient validation of the messages, successful exploit will cause invalid memory access and result in a denial of service on the affected products.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17299" target="_blank">CVE-2017-17299</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171215-01-ike-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C05,S5700 V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S6700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C02, V200R008C00, V200R009C00, V200R010C00,S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,eCNS210_TD V100R004C10, V100R004C10SPC003, V100R004C10SPC100, V100R004C10SPC101, V100R004C10SPC102, V100R004C10SPC200, V100R004C10SPC221, V100R004C10SPC400 has a DOS vulnerability. An attacker may craft specific XML files to the affected products. Due to not check the specially XML file and to parse this file, successful exploit will result in DOS attacks.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15333" target="_blank">CVE-2017-15333</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-xml-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, MAX PRESENCE V100R001C00, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00, V600R006C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10 have a denial of service vulnerability in the specific module. An authenticated, local attacker may craft a specific XML file to the affected products. Due to improper handling of input, successful exploit will cause some service abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17292" target="_blank">CVE-2017-17292</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-06-xml-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">The SIP backup feature in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, USG9500 V500R001C00, V500R001C20, V500R001C30, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eSpace U1981 V100R001C20, V200R003C00, V200R003C20, V200R003C30 has a buffer overflow vulnerability. An attacker may send specially crafted messages to the affected products. Due to the insufficient validation of some values for SIP messages, successful exploit may cause services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15336" target="_blank">CVE-2017-15336</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-sip-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00, V600R006C00, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, ViewPoint 9030 V100R011C02, V100R011C03, eSpace U1981 V200R003C20SPC900, V200R003C30SPC200 have a buffer overflow vulnerability. An unauthenticated, remote attacker may send specially crafted SIP packages to the affected products. Due to the insufficient validation of some values for SIP packages, successful exploit may cause services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17297" target="_blank">CVE-2017-17297</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171215-01-buffer-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, USG9500 V500R001C00, V500R001C20, V500R001C30, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eSpace U1981 V100R001C20, V200R003C00, V200R003C20, V200R003C30 has a buffer overflow vulnerability. An attacker would have to find a way to craft specific messages to the affected products. Due to the insufficient validation for SIP messages, successful exploit may cause services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15339" target="_blank">CVE-2017-15339</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-sip-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">The SIP backup feature in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, USG9500 V500R001C00, V500R001C20, V500R001C30, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eSpace U1981 V100R001C20, V200R003C00, V200R003C20, V200R003C30 has a buffer overflow vulnerability. An attacker may send specially crafted messages to the affected products. Due to the insufficient validation of some values for SIP messages, successful exploit may cause services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15334" target="_blank">CVE-2017-15334</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-sip-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">The SIP backup feature in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, USG9500 V500R001C00, V500R001C20, V500R001C30, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eSpace U1981 V100R001C20, V200R003C00, V200R003C20, V200R003C30 has a buffer overflow vulnerability. An attacker may send specially crafted messages to the affected products. Due to the insufficient validation of some values for SIP messages, successful exploit may cause services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15335" target="_blank">CVE-2017-15335</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-sip-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C02, AR3600 V200R006C10, V200R007C00, AR510 V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, NetEngine16EX V200R006C10, V200R007C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, SRG2300 V200R006C10, V200R007C00, V200R007C02, SRG3300 V200R006C10, V200R007C00 have a buffer overflow vulnerability due to incomplete range checks of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious IKE packets to the targeted device. An exploit could allow the attacker to cause the device to write out of bound and restart.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17160" target="_blank">CVE-2017-17160</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-ike-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei smartphones with software of TAG-AL00C92B168 have an information disclosure vulnerability. An attacker tricks the user to install a crafted application, this application simulate click action to back up data in a non-encrypted way using an Android assist function. Successful exploit could result in information disclosure.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15340" target="_blank">CVE-2017-15340</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-05-smartphone-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00, V600R006C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, ViewPoint 9030 V100R011C02, V100R011C03 have a buffer overflow vulnerability. An unauthenticated, remote attacker may send specially crafted certificates to the affected products. Due to insufficient validation of the certificates, successful exploit may cause buffer overflow and some service abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17298" target="_blank">CVE-2017-17298</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171215-01-overflow-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">The SIP module in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, USG9500 V500R001C00, V500R001C20, V500R001C30, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eSpace U1981 V100R001C20, V200R003C00, V200R003C20, V200R003C30 has a buffer overflow vulnerability. An attacker would have to find a way to craft specific messages to the affected products. Due to the insufficient validation for SIP messages, successful exploit may cause services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15338" target="_blank">CVE-2017-15338</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-sip-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability. The software does not release allocated memory properly when handling XML data. An authenticated, local attacker could upload crafted XML file repeatedly to cause memory leak and service abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17289" target="_blank">CVE-2017-17289</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-xml-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R005C32, V200R007C00, V200R008C20, V200R008C30, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, NetEngine16EX V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an out-of-bound write vulnerability. Due to insufficient input validation, a remote, unauthenticated attacker may craft encryption key to the affected products. Successful exploit may cause buffer overflow, services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17286" target="_blank">CVE-2017-17286</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-encryption-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01, V300R001C00 have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain permissions configured for the specific user name.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17301" target="_blank">CVE-2017-17301</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, MAX PRESENCE V100R001C00, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00, V600R006C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10 have a buffer overflow vulnerability. An authenticated, local attacker may craft a specific XML file to the affected products. Due to insufficient input validation, successful exploit will cause some service abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17293" target="_blank">CVE-2017-17293</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-06-xml-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00, V600R006C00, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, ViewPoint 9030 V100R011C02, V100R011C03, eSpace U1981 V200R003C20SPC900, V200R003C30SPC200 have a memory leak vulnerability. An unauthenticated, remote attacker may send specially crafted H323 packages to the affected products. Due to not release the allocated memory properly to handle the packets, successful exploit may cause memory leak and some services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17296" target="_blank">CVE-2017-17296</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171215-01-buffer-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">The Flp Driver in some Huawei smartphones of the software Vicky-AL00AC00B124D, Vicky-AL00AC00B157D, Vicky-AL00AC00B167 has a double free vulnerability. An attacker can trick a user to install a malicious application which has a high privilege to exploit this vulnerability. Successful exploitation may cause denial of service (DoS) attack.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15330" target="_blank">CVE-2017-15330</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-smartphone-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has an out-of-bounds memory access vulnerability due to insufficient input validation. An attacker could exploit it to craft special packets to trigger out-of-bounds memory access, which may further lead to system exceptions.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17157" target="_blank">CVE-2017-17157</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5500 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5600 V3, V300R003C00, V300R003C10, V300R003C20, OceanStor 5800 V3, V300R003C00, V300R003C10, V300R003C20 have an improper access control vulnerability. Due to incorrectly restrict access to a resource, an attacker with high privilege may exploit the vulnerability to query some information or send specific message to cause some service abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15352" target="_blank">CVE-2017-15352</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171122-01-oceanstor-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, MAX PRESENCE V100R001C00, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00SPC200, V600R006C00, RSE6500 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, V500R002C00T, V600R006C00, V600R006C00T, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, ViewPoint 9030 V100R011C02, V100R011C03, have a memory leak vulnerability in H323 protocol. The vulnerability is due to insufficient verification of the packets. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted packets. A successful exploit could cause a memory leak and eventual denial of service (DoS) condition on an affected device.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15332" target="_blank">CVE-2017-15332</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-h323-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. An unauthenticated, remote attacker may send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause integer overflow and some process abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17288" target="_blank">CVE-2017-17288</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180131-01-integer-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, MAX PRESENCE V100R001C00, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00SPC200, V600R006C00, RSE6500 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, V500R002C00T, V600R006C00, V600R006C00T, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, ViewPoint 9030 V100R011C02, V100R011C03, have an out-of-bounds read vulnerability in H323 protocol. An unauthenticated, remote attacker may send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15331" target="_blank">CVE-2017-15331</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-h323-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00, V600R006C00, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, ViewPoint 9030 V100R011C02, V100R011C03, eSpace U1981 V200R003C20SPC900, V200R003C30SPC200 have a buffer overflow vulnerability. An unauthenticated, remote attacker may send specially crafted SIP packages to the affected products. Due to the insufficient validation of some values for SIP packages, successful exploit may cause services abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17295" target="_blank">CVE-2017-17295</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171215-01-buffer-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR3200 V200R008C20, V200R008C30, TE40 V600R006C00, TE50 V600R006C00, TE60 V600R006C00 have a denial of service vulnerability. The software decodes X.509 certificate in an improper way. A remote unauthenticated attacker could send a crafted X.509 certificate to the device. Successful exploit could result in a denial of service on the device.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15341" target="_blank">CVE-2017-15341</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-cert-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a DoS vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could make some data overwritten, leak device memory and potentially reset a process.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17186" target="_blank">CVE-2017-17186</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_products</td><td style="text-align: left;">Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, MAX PRESENCE V100R001C00, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00, V600R006C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10 have a null pointer dereference vulnerability. Due to insufficient input validation, an authenticated, local attacker may craft a specific XML file to the affected products to cause null pointer dereference. Successful exploit will cause some service abnormal.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17294" target="_blank">CVE-2017-17294</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-06-xml-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_smartphones</td><td style="text-align: left;">Some huawei smartphones with software BTV-DL09C233B350, Berlin-L21HNC432B360, Berlin-L22HNC636B360, Berlin-L24HNC567B360, Berlin-L21C10B130, Berlin-L21C185B132, Berlin-L21C464B130, Berlin-L22C346B140, Berlin-L22C636B160, Berlin-L23C605B131, Berlin-L23DOMC109B160, MHA-AL00AC00B125 have a DoS vulnerability. Due to insufficient input validation, an attacker could trick a user to execute a malicious application, which could be exploited by attacker to launch DoS attacks.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17201" target="_blank">CVE-2017-17201</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-dos-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_smartphones</td><td style="text-align: left;">Bluetooth module in some Huawei mobile phones with software LON-AL00BC00B229 and earlier versions has a buffer overflow vulnerability. Due to insufficient input validation, an unauthenticated attacker may craft Bluetooth AVDTP/AVCTP messages after successful paring, causing buffer overflow. Successful exploit may cause code execution.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17285" target="_blank">CVE-2017-17285</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180129-01-bluetooth-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_smartphones</td><td style="text-align: left;">Some Huawei smart phones with software of NXT-AL10C00B386, NXT-CL00C92B386, NXT-DL00C17B386, NXT-TL00C01B386SP01, NTS-AL00C00B535 have a DoS vulnerability due to insufficient input validation. An unauthenticated attacker could send malformed System Information(SI) messages to the smart phone within radio range by special wireless device. Successful exploit could make the smart phone restart.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17159" target="_blank">CVE-2017-17159</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-02-smartphone-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- multiple_smartphones</td><td style="text-align: left;">The 'Find Phone' function in some Huawei smart phones with software earlier than Duke-L09C10B186 versions, earlier than Duke-L09C432B187 versions, earlier than Duke-L09C636B186 versions has an authentication bypass vulnerability. Due to improper authentication realization in the 'Find Phone' function. An attacker may exploit the vulnerability to bypass the 'Find Phone' function in order to use the phone normally.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17161" target="_blank">CVE-2017-17161</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-01-smartphone-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- secospace</td><td style="text-align: left;">Huawei Secospace USG6600 V500R001C30SPC100 has an Out-of-Bounds memory access vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by executing some commands. The attacker can exploit this vulnerability to cause a denial of service.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17163" target="_blank">CVE-2017-17163</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-firewall-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- secospace</td><td style="text-align: left;">Huawei Secospace AntiDDoS8000 V500R001C20SPC500 have a memory leak vulnerability due to memory don't be released when the system open some function. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17164" target="_blank">CVE-2017-17164</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-antidos-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- te60</td><td style="text-align: left;">The Light Directory Access Protocol (LDAP) clients of Huawei TE60 with software V600R006C00, ViewPoint 9030 with software V100R011C02, V100R011C03 have a resource management errors vulnerability. An unauthenticated, remote attacker may make the LDAP server not respond to the client's request by controlling the LDAP server. Due to improper management of LDAP connection resource, a successful exploit may cause the connection resource exhausted of the LDAP client.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17290" target="_blank">CVE-2017-17290</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-ldap-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">huawei -- uma</td><td style="text-align: left;">Huawei UMA V200R001C00 has a SQL injection vulnerability in the operation and maintenance module. An attacker logs in to the system as a common user and sends crafted HTTP requests that contain malicious SQL statements to the affected system. Due to a lack of input validation on HTTP requests that contain user-supplied input, successful exploitation may allow the attacker to execute arbitrary SQL queries.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15329" target="_blank">CVE-2017-15329</a><br /><a href="http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171116-01-uma-en" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- aix</td><td style="text-align: left;">A software logic bug creates a vulnerability in an AIX 6.1, 7.1, and 7.2 daemon which could allow a user with root privileges on one system, to obtain root access on another machine. IBM X-force ID: 138117.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1383" target="_blank">CVE-2018-1383</a><br /><a href="http://aix.software.ibm.com/aix/efixes/security/aixbase_advisory.asc" target="_blank">CONFIRM</a><br /><a href="http://www-01.ibm.com/support/docview.wss?uid=isg3T1026948" target="_blank">MISC</a><br /><a href="http://www.securityfocus.com/bid/102989" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040358" target="_blank">SECTRACK</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/138117" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- connections</td><td style="text-align: left;">IBM Connections 4.0, 4.5, 5.0, 5.5, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134004.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1682" target="_blank">CVE-2017-1682</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22012900" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/134004" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- inotes</td><td style="text-align: left;">IBM iNotes 8.5 and 9.0 SUService can be misguided into running malicious code from a DLL masquerading as a windows DLL in the temp directory. IBM X-Force ID: 134532.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1711" target="_blank">CVE-2017-1711</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22010774" target="_blank">CONFIRM</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22010775" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/134532" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- maximo_asset_management</td><td style="text-align: left;">IBM Maximo Asset Management 7.5 and 7.6 could allow a remote attacker to include arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable Web server. IBM X-Force ID: 129106.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1499" target="_blank">CVE-2017-1499</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22012781" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/129106" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- notes</td><td style="text-align: left;">IBM Notes 8.5 and 9.0 could allow a local attacker to execute arbitrary commands by carefully crafting a command line sent via the shared memory IPC. IBM X-Force ID: 134807.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1720" target="_blank">CVE-2017-1720</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22010766" target="_blank">CONFIRM</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22010767" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/134807" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- notes_and_domino_nsd</td><td style="text-align: left;">IBM Notes and Domino NSD 8.5 and 9.0 could allow an authenticated local user without administrative privileges to gain System privilege. IBM X-Force ID: 134633.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1714" target="_blank">CVE-2017-1714</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22010776" target="_blank">CONFIRM</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22010777" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/134633" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- security_guardium_database_activity_monitor</td><td style="text-align: left;">IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with low privileges to view report pages and perform some actions that only an admin should be performing, so there is risk that someone not authorized can change things that they are not suppose to. IBM X-Force ID: 137765.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1368" target="_blank">CVE-2018-1368</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22013302" target="_blank">CONFIRM</a><br /><a href="http://www.securitytracker.com/id/1040349" target="_blank">SECTRACK</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/137765" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- websphere_portal</td><td style="text-align: left;">IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 136005.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1761" target="_blank">CVE-2017-1761</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22012416" target="_blank">CONFIRM</a><br /><a href="http://www.securitytracker.com/id/1040333" target="_blank">SECTRACK</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/136005" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- websphere_portal</td><td style="text-align: left;">IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138437.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1401" target="_blank">CVE-2018-1401</a><br /><a href="http://www.securityfocus.com/bid/102973" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040331" target="_blank">SECTRACK</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/138437" target="_blank">MISC</a><br /><a href="https://www.ibm.com/support/docview.wss?uid=swg22013097" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">idashboards -- idashboards</td><td style="text-align: left;">An issue was discovered in iDashboards 9.6b. The SSO implementation is affected by a weak obfuscation library, allowing man-in-the-middle attackers to discover credentials.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7211" target="_blank">CVE-2018-7211</a><br /><a href="https://membership.backbox.org/idashboards-9-6b-multiple-vulnerabilities/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">idashboards -- idashboards</td><td style="text-align: left;">An issue was discovered in iDashboards 9.6b. It allows remote attackers to obtain sensitive information via a direct request for the idb/config?CMD=installLicense URI, as demonstrated by intranet IP addresses and names of guest accounts.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7210" target="_blank">CVE-2018-7210</a><br /><a href="https://membership.backbox.org/idashboards-9-6b-multiple-vulnerabilities/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">idashboards -- idashboards</td><td style="text-align: left;">An issue was discovered in iDashboards 9.6b. It allows remote attackers to obtain sensitive information via a direct request for the idashboards/config.xml URI, as demonstrated by intranet URLs for reports.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7209" target="_blank">CVE-2018-7209</a><br /><a href="https://membership.backbox.org/idashboards-9-6b-multiple-vulnerabilities/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">imagemagick -- imagemagick</td><td style="text-align: left;">THe OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6876" target="_blank">CVE-2018-6876</a><br /><a href="http://www.securityfocus.com/bid/103035" target="_blank">BID</a><br /><a href="https://github.com/ImageMagick/ImageMagick/issues/973" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">imagemagick -- imagemagick</td><td style="text-align: left;">A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously crafted pict file.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6930" target="_blank">CVE-2018-6930</a><br /><a href="https://github.com/ImageMagick/ImageMagick/issues/967" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">infinispan -- infinispan</td><td style="text-align: left;">It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15089" target="_blank">CVE-2017-15089</a><br /><a href="http://www.securitytracker.com/id/1040360" target="_blank">SECTRACK</a><br /><a href="https://access.redhat.com/errata/RHSA-2018:0294" target="_blank">REDHAT</a><br /><a href="https://github.com/infinispan/infinispan/pull/5639" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">info-zip -- unzip</td><td style="text-align: left;">An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000034" target="_blank">CVE-2018-1000034</a><br /><a href="https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">info-zip -- unzip</td><td style="text-align: left;">A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000031" target="_blank">CVE-2018-1000031</a><br /><a href="https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">info-zip -- unzip</td><td style="text-align: left;">A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000032" target="_blank">CVE-2018-1000032</a><br /><a href="https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">info-zip -- unzip</td><td style="text-align: left;">A heap-based buffer overflow exists in Info-Zip UnZip version &lt;= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000035" target="_blank">CVE-2018-1000035</a><br /><a href="https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">info-zip -- unzip</td><td style="text-align: left;">An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000033" target="_blank">CVE-2018-1000033</a><br /><a href="http://www.securityfocus.com/bid/103031" target="_blank">BID</a><br /><a href="https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">irssi -- irssi</td><td style="text-align: left;">An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space, a crash due to a NULL pointer dereference would occur.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7052" target="_blank">CVE-2018-7052</a><br /><a href="http://openwall.com/lists/oss-security/2018/02/15/1" target="_blank">CONFIRM</a><br /><a href="https://irssi.org/security/irssi_sa_2018_02.txt" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">irssi -- irssi</td><td style="text-align: left;">An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7051" target="_blank">CVE-2018-7051</a><br /><a href="http://openwall.com/lists/oss-security/2018/02/15/1" target="_blank">CONFIRM</a><br /><a href="https://irssi.org/security/irssi_sa_2018_02.txt" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">irssi -- irssi</td><td style="text-align: left;">An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7053" target="_blank">CVE-2018-7053</a><br /><a href="http://openwall.com/lists/oss-security/2018/02/15/1" target="_blank">CONFIRM</a><br /><a href="https://irssi.org/security/irssi_sa_2018_02.txt" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">irssi -- irssi</td><td style="text-align: left;">An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7050" target="_blank">CVE-2018-7050</a><br /><a href="http://openwall.com/lists/oss-security/2018/02/15/1" target="_blank">CONFIRM</a><br /><a href="https://irssi.org/security/irssi_sa_2018_02.txt" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">irssi -- irssi</td><td style="text-align: left;">An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7054" target="_blank">CVE-2018-7054</a><br /><a href="http://openwall.com/lists/oss-security/2018/02/15/1" target="_blank">CONFIRM</a><br /><a href="https://irssi.org/security/irssi_sa_2018_02.txt" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ivanti -- endpoint_security</td><td style="text-align: left;">Ivanti Endpoint Security (formerly HEAT Endpoint Management and Security Suite) 8.5 Update 1 and earlier allows an authenticated user with low privileges and access to the local network to bypass application whitelisting when using the Application Control module on Ivanti Endpoint Security in lockdown mode.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6316" target="_blank">CVE-2018-6316</a><br /><a href="https://community.ivanti.com/docs/DOC-65656" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jboss -- jboss-remoting</td><td style="text-align: left;">A vulnerability was found in the way RemoteMessageChannel, introduced in jboss-remoting versions 3.3.10, reads from an empty buffer. An attacker could use this flaw to cause denial of service via high CPU caused by an infinite loop.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1041" target="_blank">CVE-2018-1041</a><br /><a href="http://www.securitytracker.com/id/1040323" target="_blank">SECTRACK</a><br /><a href="https://access.redhat.com/errata/RHSA-2018:0268" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2018:0269" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2018:0270" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2018:0271" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2018:0275" target="_blank">REDHAT</a><br /><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1530457" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jenkins -- jenkins</td><td style="text-align: left;">Jenkins Pipeline: Supporting APIs Plugin 2.17 and earlier have an arbitrary code execution due to incomplete sandbox protection: Methods related to Java deserialization like readResolve implemented in Pipeline scripts were not subject to sandbox protection, and could therefore execute arbitrary code. This could be exploited e.g. by regular Jenkins users with the permission to configure Pipelines in Jenkins, or by trusted committers to repositories containing Jenkinsfiles.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000058" target="_blank">CVE-2018-1000058</a><br /><a href="http://www.securityfocus.com/bid/103034" target="_blank">BID</a><br /><a href="https://jenkins.io/security/advisory/2018-02-05/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jenkins -- jenkins</td><td style="text-align: left;">An improper input validation vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to access plugin resource files in the META-INF and WEB-INF directories that should not be accessible, if the Jenkins home directory is on a case-insensitive file system.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000068" target="_blank">CVE-2018-1000068</a><br /><a href="https://jenkins.io/security/advisory/2018-02-14/#SECURITY-717" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jenkins -- jenkins</td><td style="text-align: left;">An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited information about the response.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000067" target="_blank">CVE-2018-1000067</a><br /><a href="https://jenkins.io/security/advisory/2018-02-14/#SECURITY-506" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Staff Master through 1.0 RC 1 component for Joomla! via the name parameter in a view=staff request.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5992" target="_blank">CVE-2018-5992</a><br /><a href="https://exploit-db.com/exploits/44129" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the JomEstate PRO through 3.7 component for Joomla! via the id parameter in a task=detailed action.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6368" target="_blank">CVE-2018-6368</a><br /><a href="https://exploit-db.com/exploits/44117" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6396" target="_blank">CVE-2018-6396</a><br /><a href="https://exploit-db.com/exploits/44113" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 component for Joomla! via the pin_id or user_id parameter in a task=getlikeinfo action, the ends parameter in a view=gift action, the category parameter in a view=home action, the uid parameter in a view=pindisplay action, the searchVal parameter in a view=search action, or the uid parameter in a view=likes action.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5987" target="_blank">CVE-2018-5987</a><br /><a href="https://exploit-db.com/exploits/44131" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the JTicketing 2.0.16 component for Joomla! via a view=events action with a filter_creator or filter_events_cat parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6585" target="_blank">CVE-2018-6585</a><br /><a href="https://exploit-db.com/exploits/44121" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Timetable Responsive Schedule 1.5 component for Joomla! via a view=event&amp;alias= request.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6583" target="_blank">CVE-2018-6583</a><br /><a href="https://exploit-db.com/exploits/44130" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5991" target="_blank">CVE-2018-5991</a><br /><a href="https://exploit-db.com/exploits/44111" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the InviteX 3.0.5 component for Joomla! via the invite_type parameter in a view=invites action.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6394" target="_blank">CVE-2018-6394</a><br /><a href="https://exploit-db.com/exploits/44114" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Realpin through 1.5.04 component for Joomla! via the pinboard parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6005" target="_blank">CVE-2018-6005</a><br /><a href="https://exploit-db.com/exploits/44125" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the ccNewsletter 2.x component for Joomla! via the id parameter in a task=removeSubscriber action, a related issue to CVE-2011-5099.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5989" target="_blank">CVE-2018-5989</a><br /><a href="https://exploit-db.com/exploits/44132" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the File Download Tracker 3.0 component for Joomla! via the dynfield[phone] or sess parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6004" target="_blank">CVE-2018-6004</a><br /><a href="https://exploit-db.com/exploits/44110" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6006" target="_blank">CVE-2018-6006</a><br /><a href="https://exploit-db.com/exploits/44119" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Saxum Numerology 3.0.4 component for Joomla! via the publicid parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7177" target="_blank">CVE-2018-7177</a><br /><a href="https://www.exploit-db.com/exploits/44134" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5994" target="_blank">CVE-2018-5994</a><br /><a href="https://exploit-db.com/exploits/44120" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the DT Register 3.2.7 component for Joomla! via a task=edit&amp;id= request.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6584" target="_blank">CVE-2018-6584</a><br /><a href="https://exploit-db.com/exploits/44108" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Saxum Picker 3.2.10 component for Joomla! via the publicid parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7178" target="_blank">CVE-2018-7178</a><br /><a href="https://www.exploit-db.com/exploits/44136" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the SimpleCalendar 3.1.9 component for Joomla! via the catid array parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5974" target="_blank">CVE-2018-5974</a><br /><a href="https://exploit-db.com/exploits/44126" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! via the publicid parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7180" target="_blank">CVE-2018-7180</a><br /><a href="https://www.exploit-db.com/exploits/44133" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the SquadManagement 1.0.3 component for Joomla! via the id parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7179" target="_blank">CVE-2018-7179</a><br /><a href="https://www.exploit-db.com/exploits/44135" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Solidres 2.5.1 component for Joomla! via the direction parameter in a hub.search action.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5980" target="_blank">CVE-2018-5980</a><br /><a href="https://exploit-db.com/exploits/44128" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Advertisement Board 3.1.0 component for Joomla! via a task=show_rss_categories&amp;catname= request.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5982" target="_blank">CVE-2018-5982</a><br /><a href="https://exploit-db.com/exploits/44105" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the JquickContact 1.3.2.2.1 component for Joomla! via a task=refresh&amp;sid= request.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5983" target="_blank">CVE-2018-5983</a><br /><a href="https://exploit-db.com/exploits/44118" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5981" target="_blank">CVE-2018-5981</a><br /><a href="https://exploit-db.com/exploits/44112" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Smart Shoutbox 3.0.0 component for Joomla! via the shoutauthor parameter to the archive URI.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5975" target="_blank">CVE-2018-5975</a><br /><a href="https://exploit-db.com/exploits/44127" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Fastball 2.5 component for Joomla! via the season parameter in a view=player action.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6373" target="_blank">CVE-2018-6373</a><br /><a href="https://exploit-db.com/exploits/44109" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the NeoRecruit 4.1 component for Joomla! via the (1) PATH_INFO or (2) name of a .html file under the all-offers/ URI.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6370" target="_blank">CVE-2018-6370</a><br /><a href="https://exploit-db.com/exploits/44123" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the Aist through 2.0 component for Joomla! via the id parameter in a view=showvacancy request.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5993" target="_blank">CVE-2018-5993</a><br /><a href="https://exploit-db.com/exploits/44106" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5971" target="_blank">CVE-2018-5971</a><br /><a href="https://exploit-db.com/exploits/44122" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the JB Bus 2.3 component for Joomla! via the order_number parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6372" target="_blank">CVE-2018-6372</a><br /><a href="https://exploit-db.com/exploits/44115" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the AllVideos Reloaded 1.2.x component for Joomla! via the divid parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5990" target="_blank">CVE-2018-5990</a><br /><a href="https://exploit-db.com/exploits/44107" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">joomla! -- joomla!</td><td style="text-align: left;">SQL Injection exists in the JGive 2.0.9 component for Joomla! via the filter_org_ind_type or campaign_countries parameter.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5970" target="_blank">CVE-2018-5970</a><br /><a href="https://exploit-db.com/exploits/44116" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">leptonica -- leptonica</td><td style="text-align: left;">Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a long string, as demonstrated by the gplotRead and ptaReadStream functions.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7186" target="_blank">CVE-2018-7186</a><br /><a href="https://bugs.debian.org/890548" target="_blank">MISC</a><br /><a href="https://github.com/DanBloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a" target="_blank">MISC</a><br /><a href="https://lists.debian.org/debian-lts/2018/02/msg00054.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">libreoffice -- libreoffice</td><td style="text-align: left;">LibreOffice through 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6871" target="_blank">CVE-2018-6871</a><br /><a href="https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure" target="_blank">MISC</a><br /><a href="https://www.debian.org/security/2018/dsa-4111" target="_blank">DEBIAN</a><br /><a href="https://www.exploit-db.com/exploits/44022/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">linux -- linux_kernel</td><td style="text-align: left;">The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6927" target="_blank">CVE-2018-6927</a><br /><a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a" target="_blank">MISC</a><br /><a href="http://www.securityfocus.com/bid/103023" target="_blank">BID</a><br /><a href="https://github.com/torvalds/linux/commit/fbe0e839d1e22d88810f3ee3e2f1479be4c0aa4a" target="_blank">MISC</a><br /><a href="https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">linux -- linux_kernel</td><td style="text-align: left;">In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18174" target="_blank">CVE-2017-18174</a><br /><a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=251e22abde21833b3d29577e4d8c7aaccd650eee" target="_blank">MISC</a><br /><a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dca4a41f1ad65043a78c2338d9725f859c8d2c3" target="_blank">MISC</a><br /><a href="https://github.com/torvalds/linux/commit/251e22abde21833b3d29577e4d8c7aaccd650eee" target="_blank">MISC</a><br /><a href="https://github.com/torvalds/linux/commit/8dca4a41f1ad65043a78c2338d9725f859c8d2c3" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- chakracore</td><td style="text-align: left;">ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0858" target="_blank">CVE-2018-0858</a><br /><a href="http://www.securityfocus.com/bid/102865" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0858" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- edge</td><td style="text-align: left;">Microsoft Edge in Microsoft Windows 10 1703 and 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0839.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0763" target="_blank">CVE-2018-0763</a><br /><a href="http://www.securityfocus.com/bid/102873" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0763" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- edge</td><td style="text-align: left;">Microsoft Edge in Microsoft Windows 10 1703 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0763.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0839" target="_blank">CVE-2018-0839</a><br /><a href="http://www.securityfocus.com/bid/102860" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0839" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- edge</td><td style="text-align: left;">Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows a security feature bypass, due to how Edge handles different-origin requests, aka "Microsoft Edge Security Feature Bypass".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0771" target="_blank">CVE-2018-0771</a><br /><a href="http://www.securityfocus.com/bid/102857" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0771" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- edge</td><td style="text-align: left;">Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, and CVE-2018-0866.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0861" target="_blank">CVE-2018-0861</a><br /><a href="http://www.securityfocus.com/bid/102884" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0861" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- edge_and_chakracore</td><td style="text-align: left;">Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0838" target="_blank">CVE-2018-0838</a><br /><a href="http://www.securityfocus.com/bid/102877" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0838" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/44080/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- edge_and_chakracore</td><td style="text-align: left;">Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0857" target="_blank">CVE-2018-0857</a><br /><a href="http://www.securityfocus.com/bid/102881" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0857" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- edge_and_chakracore</td><td style="text-align: left;">Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0836" target="_blank">CVE-2018-0836</a><br /><a href="http://www.securityfocus.com/bid/102875" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0836" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- edge_and_chakracore</td><td style="text-align: left;">Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0861, and CVE-2018-0866.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0860" target="_blank">CVE-2018-0860</a><br /><a href="http://www.securityfocus.com/bid/102883" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0860" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/44076/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- edge_and_chakracore</td><td style="text-align: left;">Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0837" target="_blank">CVE-2018-0837</a><br /><a href="http://www.securityfocus.com/bid/102876" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0837" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/44081/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- edge_and_chakracore</td><td style="text-align: left;">Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0859" target="_blank">CVE-2018-0859</a><br /><a href="http://www.securityfocus.com/bid/102882" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0859" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- edge_and_chakracore</td><td style="text-align: left;">Microsoft Edge and ChakraCore in Microsoft Windows 10 1703 and 1709 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0856" target="_blank">CVE-2018-0856</a><br /><a href="http://www.securityfocus.com/bid/102880" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0856" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- internet_explorer</td><td style="text-align: left;">Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, and CVE-2018-0861.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0866" target="_blank">CVE-2018-0866</a><br /><a href="http://www.securityfocus.com/bid/103032" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040369" target="_blank">SECTRACK</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0866" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- internet_explorer</td><td style="text-align: left;">Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0840" target="_blank">CVE-2018-0840</a><br /><a href="http://www.securityfocus.com/bid/102886" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040369" target="_blank">SECTRACK</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0840" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/44077/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- internet_explorer</td><td style="text-align: left;">Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Information Disclosure Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0847" target="_blank">CVE-2018-0847</a><br /><a href="http://www.securityfocus.com/bid/102861" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040370" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0847" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- office</td><td style="text-align: left;">Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1 and RT SP1, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Outlook handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0851.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0852" target="_blank">CVE-2018-0852</a><br /><a href="http://www.securityfocus.com/bid/102871" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040368" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0852" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- office</td><td style="text-align: left;">Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow an information disclosure vulnerability, due to how Office initializes the affected variable, aka "Microsoft Office Information Disclosure Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0853" target="_blank">CVE-2018-0853</a><br /><a href="http://www.securityfocus.com/bid/102868" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040381" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0853" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- office</td><td style="text-align: left;">Microsoft Office 2007 SP2, Microsoft Office Word Viewer, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Office handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0852.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0851" target="_blank">CVE-2018-0851</a><br /><a href="http://www.securityfocus.com/bid/102870" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040381" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0851" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- office_2016_click-to-run</td><td style="text-align: left;">Microsoft Office 2016 Click-to-Run allows a remote code execution vulnerability due to how objects are handled in memory, aka "Office Remote Code Execution Vulnerability"</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0841" target="_blank">CVE-2018-0841</a><br /><a href="http://www.securityfocus.com/bid/102957" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040367" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0841" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- outlook</td><td style="text-align: left;">Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run allow an elevation of privilege vulnerability due to how the format of incoming message is validated, aka "Microsoft Outlook Elevation of Privilege Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0850" target="_blank">CVE-2018-0850</a><br /><a href="http://www.securityfocus.com/bid/102866" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040382" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0850" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- sharepoint</td><td style="text-align: left;">SharePoint Server 2016 allows an elevation of privilege vulnerability due to how web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0869" target="_blank">CVE-2018-0869</a><br /><a href="http://www.securityfocus.com/bid/102963" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040376" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0869" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- sharepoint</td><td style="text-align: left;">SharePoint Project Server 2013 and SharePoint Enterprise Server 2016 allow an information disclosure vulnerability due to how web requests are handled, aka "Microsoft SharePoint Information Disclosure Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0864" target="_blank">CVE-2018-0864</a><br /><a href="http://www.securityfocus.com/bid/102962" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040376" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0864" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">The Windows Common Log File System (CLFS) driver in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Common Log File System Driver Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0844.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0846" target="_blank">CVE-2018-0846</a><br /><a href="http://www.securityfocus.com/bid/102931" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040380" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0846" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">AppContainer in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way constrained impersonations are handled, aka "Windows AppContainer Elevation Of Privilege Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0821" target="_blank">CVE-2018-0821</a><br /><a href="http://www.securityfocus.com/bid/102939" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040379" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0821" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">Windows Scripting Host (WSH) in Windows 10 versions 1703 and 1709 and Windows Server, version 1709 allows a Device Guard security feature bypass vulnerability due to the way objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0827" target="_blank">CVE-2018-0827</a><br /><a href="http://www.securityfocus.com/bid/102927" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0827" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0835" target="_blank">CVE-2018-0835</a><br /><a href="http://www.securityfocus.com/bid/102874" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0835" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/44079/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">The Named Pipe File System in Windows 10 version 1709 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Named Pipe File System handles objects, aka "Named Pipe File System Elevation of Privilege Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0823" target="_blank">CVE-2018-0823</a><br /><a href="http://www.securityfocus.com/bid/102919" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040379" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0823" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Storage Services Elevation of Privilege Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0826" target="_blank">CVE-2018-0826</a><br /><a href="http://www.securityfocus.com/bid/102944" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040379" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0826" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0755, CVE-2018-0760, and CVE-2018-0761.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0855" target="_blank">CVE-2018-0855</a><br /><a href="http://www.securityfocus.com/bid/102936" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040374" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0855" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka "Windows Elevation of Privilege Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0828" target="_blank">CVE-2018-0828</a><br /><a href="http://www.securityfocus.com/bid/102935" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0828" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">NTFS in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way NTFS handles objects, aka "Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0822" target="_blank">CVE-2018-0822</a><br /><a href="http://www.securityfocus.com/bid/102942" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040378" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0822" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">The Windows Common Log File System (CLFS) driver in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Common Log File System Driver Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0846.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0844" target="_blank">CVE-2018-0844</a><br /><a href="http://www.securityfocus.com/bid/102929" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040380" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0844" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">StructuredQuery in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how objects are handled in memory, aka "StructuredQuery Remote Code Execution Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0825" target="_blank">CVE-2018-0825</a><br /><a href="http://www.securityfocus.com/bid/102920" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040366" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0825" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests are handled, aka "SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0833" target="_blank">CVE-2018-0833</a><br /><a href="http://www.securityfocus.com/bid/102924" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040375" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0833" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows</td><td style="text-align: left;">Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, CVE-2018-0838, CVE-2018-0840, CVE-2018-0856, CVE-2018-0857, CVE-2018-0858, CVE-2018-0859, CVE-2018-0860, CVE-2018-0861, and CVE-2018-0866.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0834" target="_blank">CVE-2018-0834</a><br /><a href="http://www.securityfocus.com/bid/102859" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040372" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0834" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/44078/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_embedded_opentype_font_engine</td><td style="text-align: left;">The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1, Windows Server 2008 R2, and Windows Server 2012 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0755, CVE-2018-0761, and CVE-2018-0855.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0760" target="_blank">CVE-2018-0760</a><br /><a href="http://www.securityfocus.com/bid/102953" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040374" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0760" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_embedded_opentype_font_engine</td><td style="text-align: left;">The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0760, CVE-2018-0761, and CVE-2018-0855.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0755" target="_blank">CVE-2018-0755</a><br /><a href="http://www.securityfocus.com/bid/102934" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040374" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0755" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_embedded_opentype_font_engine</td><td style="text-align: left;">The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0755, CVE-2018-0760, and CVE-2018-0855.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0761" target="_blank">CVE-2018-0761</a><br /><a href="http://www.securityfocus.com/bid/102952" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040374" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0761" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_kernel</td><td style="text-align: left;">The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Kernel Elevation of Privilege Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0831" target="_blank">CVE-2018-0831</a><br /><a href="http://www.securityfocus.com/bid/102943" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0831" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_kernel</td><td style="text-align: left;">The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0829 and CVE-2018-0830.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0832" target="_blank">CVE-2018-0832</a><br /><a href="http://www.securityfocus.com/bid/102923" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0832" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_kernel</td><td style="text-align: left;">The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0829 and CVE-2018-0832.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0830" target="_blank">CVE-2018-0830</a><br /><a href="http://www.securityfocus.com/bid/102949" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0830" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_kernel</td><td style="text-align: left;">The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0830 and CVE-2018-0832.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0829" target="_blank">CVE-2018-0829</a><br /><a href="http://www.securityfocus.com/bid/102948" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0829" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_kernel</td><td style="text-align: left;">Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Kernel Elevation of Privilege Vulnerability".</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0842" target="_blank">CVE-2018-0842</a><br /><a href="http://www.securityfocus.com/bid/102946" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040371" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0842" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_kernel</td><td style="text-align: left;">The Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2, and Windows Server 2012 allows an information disclosure vulnerability due to the way memory is initialized, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0757.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0810" target="_blank">CVE-2018-0810</a><br /><a href="http://www.securityfocus.com/bid/102938" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0810" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_kernel</td><td style="text-align: left;">The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Kernel Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0756. CVE-2018-0809, CVE-2018-0820 and CVE-2018-0843.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0742" target="_blank">CVE-2018-0742</a><br /><a href="http://www.securityfocus.com/bid/102937" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0742" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_kernel</td><td style="text-align: left;">The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Kernel Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0809 and CVE-2018-0843.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0820" target="_blank">CVE-2018-0820</a><br /><a href="http://www.securityfocus.com/bid/102945" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0820" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_kernel</td><td style="text-align: left;">The Windows kernel in Windows 10 version 1709 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0809 and CVE-2018-0820.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0843" target="_blank">CVE-2018-0843</a><br /><a href="http://www.securityfocus.com/bid/102951" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0843" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_kernel</td><td style="text-align: left;">The Windows kernel in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Kernel Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0809, CVE-2018-0820 and CVE-2018-0843.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0756" target="_blank">CVE-2018-0756</a><br /><a href="http://www.securityfocus.com/bid/102941" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0756" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_kernel</td><td style="text-align: left;">The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0810.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0757" target="_blank">CVE-2018-0757</a><br /><a href="http://www.securityfocus.com/bid/102947" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0757" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">microsoft -- windows_kernel</td><td style="text-align: left;">The Windows kernel in Windows 10, versions 1703 and 1709, and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0820 and CVE-2018-0843.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0809" target="_blank">CVE-2018-0809</a><br /><a href="http://www.securityfocus.com/bid/102933" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040373" target="_blank">SECTRACK</a><br /><a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0809" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">minibb -- minibb</td><td style="text-align: left;">Cross-Site Scripting (XSS) exists in the Add Forum feature in the Administrative Panel in miniBB 3.2.2 via crafted use of an onload attribute of an SVG element in the supertitle field.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6506" target="_blank">CVE-2018-6506</a><br /><a href="https://offensivehacking.wordpress.com/2018/02/07/minibb-forums-v3-2-2-stored-xss/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">misp -- misp</td><td style="text-align: left;">In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), and consequently allowed site admins to inject arbitrary OS commands. The impact is limited by the setting being only accessible to the site administrator.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6926" target="_blank">CVE-2018-6926</a><br /><a href="https://github.com/MISP/MISP/commit/0a2aa9d52492d960b9a161160acedbe9caaa4126" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">myrepos -- myrepos</td><td style="text-align: left;">webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7032" target="_blank">CVE-2018-7032</a><br /><a href="https://bugs.debian.org/840014" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">national_payments_corporation_of_india -- bharat_interface_for_money</td><td style="text-align: left;">National Payments Corporation of India (NPCI) Bharat Interface for Money (aka BHIM) 1.4.1 sends messages to undocumented telephone numbers in conjunction with logout/login actions, which allows remote attackers to obtain sensitive information.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7207" target="_blank">CVE-2018-7207</a><br /><a href="https://github.com/srvnmnit/BHIM-Vulnerability" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">nippon_telegraph_and_telephone_east_corporation -- flet's_address_selection_tool</td><td style="text-align: left;">Untrusted search path vulnerability in FLET'S v4 / v6 address selection tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0516" target="_blank">CVE-2018-0516</a><br /><a href="http://flets-w.com/topics/2018/20180207a.html" target="_blank">MISC</a><br /><a href="https://jvn.jp/en/jp/JVN87403477/index.html" target="_blank">JVN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">nippon_telegraph_and_telephone_east_corporation -- flet's_azukeru_backup_tool</td><td style="text-align: left;">Untrusted search path vulnerability in "FLET'S Azukeru Backup Tool" version 1.5.2.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0515" target="_blank">CVE-2018-0515</a><br /><a href="https://flets.com/azukeru/login/news/info_180213.html" target="_blank">MISC</a><br /><a href="https://jvn.jp/en/jp/JVN04564808/index.html" target="_blank">JVN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">october_cms -- october_cms</td><td style="text-align: left;">October CMS through 1.0.431 allows XSS by entering HTML on the Add Posts page.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7198" target="_blank">CVE-2018-7198</a><br /><a href="http://securitywarrior9.blogspot.com/2018/02/html-injection-october-cms.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">openrc -- opentmpfiles</td><td style="text-align: left;">OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18188" target="_blank">CVE-2017-18188</a><br /><a href="https://github.com/OpenRC/opentmpfiles/issues/3" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">php_scripts_mall -- bitcoin_mlm_software</td><td style="text-align: left;">Cross Site Scripting (XSS) exists in PHP Scripts Mall Bitcoin MLM Software 1.0.2 via a profile field.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6862" target="_blank">CVE-2018-6862</a><br /><a href="https://www.exploit-db.com/exploits/44013" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">php_scripts_mall -- facebook_clone_script</td><td style="text-align: left;">Cross Site Scripting (XSS) exists in PHP Scripts Mall Facebook Clone Script.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6858" target="_blank">CVE-2018-6858</a><br /><a href="https://www.exploit-db.com/exploits/44010" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">php_scripts_mall -- lawyer_search_script</td><td style="text-align: left;">Cross Site Scripting (XSS) exists in PHP Scripts Mall Lawyer Search Script 1.0.2 via a profile update parameter.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6861" target="_blank">CVE-2018-6861</a><br /><a href="https://www.exploit-db.com/exploits/44012" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">php_scripts_mall -- multi_language_olx_clone_script</td><td style="text-align: left;">PHP Scripts Mall Multi Language Olx Clone Script 2.0.6 has XSS via the Leave Comment field.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6845" target="_blank">CVE-2018-6845</a><br /><a href="https://www.exploit-db.com/exploits/44016" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">php_scripts_mall -- multi_religion_responsive_matrimonial</td><td style="text-align: left;">Cross Site Scripting (XSS) exists in PHP Scripts Mall Multi religion Responsive Matrimonial 4.7.2 via a user profile update parameter.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6864" target="_blank">CVE-2018-6864</a><br /><a href="https://www.exploit-db.com/exploits/44015" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">php_scripts_mall -- news_website_script</td><td style="text-align: left;">PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6928" target="_blank">CVE-2018-6928</a><br /><a href="https://www.exploit-db.com/exploits/44030/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">php_scripts_mall -- schools_alert_management_script</td><td style="text-align: left;">Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6860" target="_blank">CVE-2018-6860</a><br /><a href="https://www.exploit-db.com/exploits/44011" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">php_scripts_mall -- select_your_college_script</td><td style="text-align: left;">SQL Injection exists in PHP Scripts Mall Select Your College Script 2.0.2 via a Login Parameter.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6863" target="_blank">CVE-2018-6863</a><br /><a href="https://www.exploit-db.com/exploits/44014" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">pluck -- pluck</td><td style="text-align: left;">An issue was discovered in Pluck through 4.7.4. A stored cross-site scripting (XSS) vulnerability allows remote unauthenticated users to inject arbitrary web script or HTML into admin/blog Reaction Comments via a crafted URL.</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7197" target="_blank">CVE-2018-7197</a><br /><a href="https://github.com/pluck-cms/pluck/issues/47" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">postgresql -- postgresql</td><td style="text-align: left;">Memory disclosure vulnerability in table partitioning was found in postgresql 10.x before 10.2, allowing an authenticated attacker to read arbitrary bytes of server memory via purpose-crafted insert to a partitioned table.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1052" target="_blank">CVE-2018-1052</a><br /><a href="http://www.securityfocus.com/bid/102987" target="_blank">BID</a><br /><a href="https://www.postgresql.org/about/news/1829/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">postgresql -- postgresql</td><td style="text-align: left;">In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when the user invoked pg_upgrade, and not under 0077 which is normally used for other temporary files. This can allow an authenticated attacker to read or modify the one file, which may contain encrypted or unencrypted database passwords. The attack is infeasible if a directory mode blocks the attacker searching the current working directory or if the prevailing umask blocks the attacker opening the file.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1053" target="_blank">CVE-2018-1053</a><br /><a href="http://www.securityfocus.com/bid/102986" target="_blank">BID</a><br /><a href="https://lists.debian.org/debian-lts-announce/2018/02/msg00006.html" target="_blank">MLIST</a><br /><a href="https://www.postgresql.org/about/news/1829/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">progress -- sitefinity</td><td style="text-align: left;">Progress Sitefinity 9.1 has XSS via the Content Management Template Configuration (aka Templateconfiguration), as demonstrated by the src attribute of an IMG element. This is fixed in 10.1.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18175" target="_blank">CVE-2017-18175</a><br /><a href="https://packetstormsecurity.com/files/143894/Progress-Sitefinity-9.1-XSS-Session-Management-Open-Redirect.html" target="_blank">MISC</a><br /><a href="https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-progress-sitefinity/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">progress -- sitefinity</td><td style="text-align: left;">Progress Sitefinity 9.1 has XSS via the Last name, First name, and About fields on the New User Creation Page. This is fixed in 10.1.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18177" target="_blank">CVE-2017-18177</a><br /><a href="https://packetstormsecurity.com/files/143894/Progress-Sitefinity-9.1-XSS-Session-Management-Open-Redirect.html" target="_blank">MISC</a><br /><a href="https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-progress-sitefinity/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">progress -- sitefinity</td><td style="text-align: left;">Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue in which an authentication token is sent to the redirection target, if the target is specified using a certain %40 syntax. This is fixed in 10.1.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18178" target="_blank">CVE-2017-18178</a><br /><a href="https://packetstormsecurity.com/files/143894/Progress-Sitefinity-9.1-XSS-Session-Management-Open-Redirect.html" target="_blank">MISC</a><br /><a href="https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-progress-sitefinity/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">progress -- sitefinity</td><td style="text-align: left;">Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring authentication token that remains valid after a password change or a session termination. Also, it is transmitted as a GET parameter. This is fixed in 10.1.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18179" target="_blank">CVE-2017-18179</a><br /><a href="https://packetstormsecurity.com/files/143894/Progress-Sitefinity-9.1-XSS-Session-Management-Open-Redirect.html" target="_blank">MISC</a><br /><a href="https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-progress-sitefinity/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">progress -- sitefinity</td><td style="text-align: left;">Progress Sitefinity 9.1 has XSS via file upload, because JavaScript code in an HTML file has the same origin as the application's own code. This is fixed in 10.1.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18176" target="_blank">CVE-2017-18176</a><br /><a href="https://packetstormsecurity.com/files/143894/Progress-Sitefinity-9.1-XSS-Session-Management-Open-Redirect.html" target="_blank">MISC</a><br /><a href="https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-progress-sitefinity/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">project_jupyterhub -- jupyterhub</td><td style="text-align: left;">An issue was discovered in Project Jupyter JupyterHub OAuthenticator 0.6.x before 0.6.2 and 0.7.x before 0.7.3. When using JupyterHub with GitLab group whitelisting for access control, group membership was not checked correctly, allowing members not in the whitelisted groups to create accounts on the Hub. (Users were not allowed to access other users' accounts, but could create their own accounts on the Hub linked to their GitLab account. GitLab authentication not using gitlab_group_whitelist is unaffected. No other Authenticators are affected.)</td><td style="text-align: center;">2018-02-17</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7206" target="_blank">CVE-2018-7206</a><br /><a href="https://blog.jupyter.org/security-fix-for-jupyterhub-gitlab-oauthenticator-7b14571d1f76" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">puppet_enterprise -- puppet_enterprise</td><td style="text-align: left;">Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remote execution bug when a specially crafted string was passed into the facter_task or puppet_conf tasks. This vulnerability only affects tasks in the affected modules, if you are not using puppet tasks you are not affected by this vulnerability.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6508" target="_blank">CVE-2018-6508</a><br /><a href="http://www.securityfocus.com/bid/103020" target="_blank">BID</a><br /><a href="https://puppet.com/security/cve/CVE-2018-6508" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">qpdf -- qpdf</td><td style="text-align: left;">An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is caused by an integer overflow in the PNG filter.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18185" target="_blank">CVE-2017-18185</a><br /><a href="https://github.com/qpdf/qpdf/commit/ec7d74a386c0b2f38990079c3b0d2a2b30be0e71" target="_blank">MISC</a><br /><a href="https://github.com/qpdf/qpdf/issues/150" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">qpdf -- qpdf</td><td style="text-align: left;">An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18186" target="_blank">CVE-2017-18186</a><br /><a href="https://github.com/qpdf/qpdf/commit/85f05cc57ffa0a863d9d9b23e73acea9410b2937" target="_blank">MISC</a><br /><a href="https://github.com/qpdf/qpdf/issues/149" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">qpdf -- qpdf</td><td style="text-align: left;">An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject() function in libqpdf/QPDFWriter.cc.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18183" target="_blank">CVE-2017-18183</a><br /><a href="https://github.com/qpdf/qpdf/commit/8249a26d69f72b9cda584c14cc3f12769985e481" target="_blank">MISC</a><br /><a href="https://github.com/qpdf/qpdf/issues/143" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">qpdf -- qpdf</td><td style="text-align: left;">An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18184" target="_blank">CVE-2017-18184</a><br /><a href="https://github.com/qpdf/qpdf/commit/dea704f0ab7f625e1e7b3f9a1110b45b63157317" target="_blank">MISC</a><br /><a href="https://github.com/qpdf/qpdf/issues/147" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">qpdf -- qpdf</td><td style="text-align: left;">An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral() in QPDFTokenizer.cc, related to the QPDF::resolve function in QPDF.cc.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-9252" target="_blank">CVE-2015-9252</a><br /><a href="https://github.com/qpdf/qpdf/commit/701b518d5c56a1449825a3a37a716c58e05e1c3e" target="_blank">MISC</a><br /><a href="https://github.com/qpdf/qpdf/issues/51" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ruckus_networks -- solo_aps_firmware</td><td style="text-align: left;">Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs firmware releases R5.x or before contain authenticated Root Command Injection in the web-GUI that could allow authenticated valid users to execute privileged commands on the respective systems.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6230" target="_blank">CVE-2017-6230</a><br /><a href="https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ruckus_networks -- unleashed_ap_firmware</td><td style="text-align: left;">Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone Director firmware releases 10.1.0.0.x, 9.10.2.0.x, 9.12.3.0.x, 9.13.3.0.x, 10.0.1.0.x or before contain authenticated Root Command Injection in the CLI that could allow authenticated valid users to execute privileged commands on the respective systems.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6229" target="_blank">CVE-2017-6229</a><br /><a href="https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-20180202-v1.0.txt" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">saml -- saml</td><td style="text-align: left;">The SAML 2.0 service provider of SAP Netweaver AS Java Web Application, 7.50, does not sufficiently encode user controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2371" target="_blank">CVE-2018-2371</a><br /><a href="http://www.securityfocus.com/bid/103005" target="_blank">BID</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2560741" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- central_management_console_and_bi_launchpad_and_fiori_bi_launchpad</td><td style="text-align: left;">Server Side Request Forgery (SSRF) vulnerability in SAP Central Management Console, BI Launchpad and Fiori BI Launchpad, 4.10, from 4.20, from 4.30, could allow a malicious user to use common techniques to determine which ports are in use on the backend server.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2370" target="_blank">CVE-2018-2370</a><br /><a href="http://www.securityfocus.com/bid/102998" target="_blank">BID</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2493727" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;"><p>sap -- crm_webclient_ui</p></td><td style="text-align: left;">SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01, S4FND 1.02, does not sufficiently validate and/or encode hidden fields, resulting in Cross-Site Scripting (XSS) vulnerability.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2364" target="_blank">CVE-2018-2364</a><br /><a href="http://www.securityfocus.com/bid/103002" target="_blank">BID</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2541700" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- erp_financials_information_system</td><td style="text-align: left;">SAP ERP Financials Information System (SAP_APPL 6.00, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16; SAP_FIN 6.17, 6.18, 7.00, 7.20, 7.30 S4CORE 1.00, 1.01, 1.02) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2381" target="_blank">CVE-2018-2381</a><br /><a href="http://www.securityfocus.com/bid/103010" target="_blank">BID</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2545842" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;"><p>sap -- hana</p></td><td style="text-align: left;">Under certain conditions SAP HANA, 1.00, 2.00, allows an unauthenticated attacker to access information which would otherwise be restricted. An attacker can misuse the authentication function of the SAP HANA server on its SQL interface and disclose 8 bytes of the server process memory. The attacker cannot influence or predict the location of the leaked memory.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2369" target="_blank">CVE-2018-2369</a><br /><a href="http://www.securityfocus.com/bid/102997" target="_blank">BID</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2572940" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- hana_extended_application_services</td><td style="text-align: left;">In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve sensitive application data like service bindings within that space.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2374" target="_blank">CVE-2018-2374</a><br /><a href="http://www.securityfocus.com/bid/103018" target="_blank">BID</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2589129" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- hana_extended_application_services</td><td style="text-align: left;">In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2375" target="_blank">CVE-2018-2375</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2589129" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- hana_extended_application_services</td><td style="text-align: left;">In SAP HANA Extended Application Services, 1.0, some general server statistics and status information could be retrieved by unauthorized users.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2377" target="_blank">CVE-2018-2377</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2589129" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- hana_extended_application_services</td><td style="text-align: left;">In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given username is valid by evaluating error messages of a specific endpoint.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2379" target="_blank">CVE-2018-2379</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2589129" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- hana_extended_application_services</td><td style="text-align: left;">A plain keystore password is written to a system log file in SAP HANA Extended Application Services, 1.0, which could endanger confidentiality of SSL communication.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2372" target="_blank">CVE-2018-2372</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2589129" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- hana_extended_application_services</td><td style="text-align: left;">In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2376" target="_blank">CVE-2018-2376</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2589129" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- hana_extended_application_services</td><td style="text-align: left;">In SAP HANA Extended Application Services, 1.0, unauthorized users can read statistical data about deployed applications including resource consumption.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2378" target="_blank">CVE-2018-2378</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2589129" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- hana_extended_application_services</td><td style="text-align: left;">Under certain circumstances, a specific endpoint of the Controller's API could be misused by unauthenticated users to execute SQL statements that deliver information about system configuration in SAP HANA Extended Application Services, 1.0.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2373" target="_blank">CVE-2018-2373</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2589129" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2383" target="_blank">CVE-2018-2383</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, overwrite existing image or corrupt other type of files.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2395" target="_blank">CVE-2018-2395</a><br /><a href="http://www.securityfocus.com/bid/103019" target="_blank">BID</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Stored cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2388" target="_blank">CVE-2018-2388</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Under certain conditions an unauthenticated malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, services and/or system files.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2394" target="_blank">CVE-2018-2394</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, hiding important information in the log file.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2389" target="_blank">CVE-2018-2389</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2392" target="_blank">CVE-2018-2392</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to store graphics in a controlled area and as such gain information from system area, which is not available to the user otherwise.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2382" target="_blank">CVE-2018-2382</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2385" target="_blank">CVE-2018-2385</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2384" target="_blank">CVE-2018-2384</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS portwatcher service.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2391" target="_blank">CVE-2018-2391</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2393" target="_blank">CVE-2018-2393</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2386" target="_blank">CVE-2018-2386</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS Chart service.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2390" target="_blank">CVE-2018-2390</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, using IGS Interpreter service.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2396" target="_blank">CVE-2018-2396</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sap -- internet_graphics_server</td><td style="text-align: left;">A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to obtain information on ports, which is not available to the user otherwise.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-2387" target="_blank">CVE-2018-2387</a><br /><a href="https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" target="_blank">CONFIRM</a><br /><a href="https://launchpad.support.sap.com/#/notes/2525222" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">saperion -- web_client</td><td style="text-align: left;">Remote Code Execution in Saperion Web Client version 7.5.2 83166.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6292" target="_blank">CVE-2018-6292</a><br /><a href="https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/02/09/klcert-18-001-saperion-webclient-multiple-vulnerabilities-remote-code-execution-with-system-user-privileges-in-saperion-web-client/" target="_blank">MISC</a><br /><a href="https://ics-cert.kaspersky.com/alerts/2018/02/12/multiple-vulnerabilities-found-in-popular-document-management-system/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">saperion -- web_client</td><td style="text-align: left;">Arbitrary File Read in Saperion Web Client version 7.5.2 83166.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6293" target="_blank">CVE-2018-6293</a><br /><a href="https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/02/09/klcert-18-002-saperion-webclient-multiple-vulnerabilities-arbitrary-file-read-in-saperion-web-client/" target="_blank">MISC</a><br /><a href="https://ics-cert.kaspersky.com/alerts/2018/02/12/multiple-vulnerabilities-found-in-popular-document-management-system/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">schneider_electric -- igss_mobile_application</td><td style="text-align: left;">An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of sensitive information.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9969" target="_blank">CVE-2017-9969</a><br /><a href="http://www.securityfocus.com/bid/103046" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSA-18-046-03" target="_blank">MISC</a><br /><a href="https://www.schneider-electric.com/en/download/document/SEVD-2018-039-02/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">schneider_electric -- igss_mobile_application</td><td style="text-align: left;">A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result in a man-in-the-middle attack.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9968" target="_blank">CVE-2017-9968</a><br /><a href="http://www.securityfocus.com/bid/103048" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSA-18-046-03" target="_blank">MISC</a><br /><a href="https://www.schneider-electric.com/en/download/document/SEVD-2018-039-02/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">schneider_electric -- igss_scada_software</td><td style="text-align: left;">A security misconfiguration vulnerability exists in Schneider Electric's IGSS SCADA Software versions 12 and prior. Security configuration settings such as Address Space Layout Randomization (ASLR) and Data Execution prevention (DEP) were not properly configured resulting in weak security.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9967" target="_blank">CVE-2017-9967</a><br /><a href="http://www.securityfocus.com/bid/103022" target="_blank">BID</a><br /><a href="https://www.schneider-electric.com/en/download/document/SEVD-2018-037-01/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">schneider_electric -- powerscada</td><td style="text-align: left;">A cross-site request forgery vulnerability exists on the Secure Gateway component of Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 for multiple state-changing requests. This type of attack requires some level of social engineering in order to get a legitimate user to click on or access a malicious link/site containing the CSRF attack.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9963" target="_blank">CVE-2017-9963</a><br /><a href="http://www.schneider-electric.com/en/download/document/SEVD-2017-173-01/," target="_blank">CONFIRM</a><br /><a href="https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9071-security-notification-citect-anywhere" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">schneider_electric -- struxureon_gateway</td><td style="text-align: left;">A remote code execution vulnerability exists in Schneider Electric's StruxureOn Gateway versions 1.1.3 and prior. Uploading a zip which contains carefully crafted metadata allows for the file to be uploaded to any directory on the host machine information which could lead to remote code execution.</td><td style="text-align: center;">2018-02-12</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9970" target="_blank">CVE-2017-9970</a><br /><a href="http://www.securityfocus.com/bid/103052" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSA-18-046-04" target="_blank">MISC</a><br /><a href="https://www.schneider-electric.com/en/download/document/SEVD-2018-039-01/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">smiths_medical -- medfusion_4000_wireless_syringe_infusion_pump</td><td style="text-align: left;">An Out-of-bounds Read issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump reads memory out of bounds, causing the communications module to crash. Smiths Medical assesses that the crash of the communications module would not impact the operation of the therapeutic module.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12722" target="_blank">CVE-2017-12722</a><br /><a href="http://www.securityfocus.com/bid/100665" target="_blank">BID</a><br /><a href="http://www.securityfocus.com/bid/101252" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSMA-17-250-02A" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">smiths_medical -- medfusion_4000_wireless_syringe_infusion_pump</td><td style="text-align: left;">An Improper Certificate Validation issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump does not validate host certificates, leaving the pump vulnerable to a man-in-the-middle (MITM) attack.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12721" target="_blank">CVE-2017-12721</a><br /><a href="http://www.securityfocus.com/bid/100665" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSMA-17-250-02A" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">smiths_medical -- medfusion_4000_wireless_syringe_infusion_pump</td><td style="text-align: left;">A Password in Configuration File issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump stores some passwords in the configuration file, which are accessible if the pump is configured to allow external communications.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12723" target="_blank">CVE-2017-12723</a><br /><a href="http://www.securityfocus.com/bid/100665" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSMA-17-250-02A" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">smiths_medical -- medfusion_4000_wireless_syringe_infusion_pump</td><td style="text-align: left;">A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The FTP server on the pump contains hardcoded credentials, which are not fully initialized. The FTP server is only accessible if the pump is configured to allow FTP connections.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12724" target="_blank">CVE-2017-12724</a><br /><a href="http://www.securityfocus.com/bid/100665" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSMA-17-250-02A" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">smiths_medical -- medfusion_4000_wireless_syringe_infusion_pump</td><td style="text-align: left;">A Classic Buffer Overflow issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump does not verify input buffer size prior to copying, leading to a buffer overflow, allowing remote code execution on the target device. The pump receives the potentially malicious input infrequently and under certain conditions, increasing the difficulty of exploitation.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12718" target="_blank">CVE-2017-12718</a><br /><a href="http://www.securityfocus.com/bid/100665" target="_blank">BID</a><br /><a href="http://www.securityfocus.com/bid/101252" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSMA-17-250-02A" target="_blank">MISC</a><br /><a href="https://www.exploit-db.com/exploits/43776/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">smiths_medical -- medfusion_4000_wireless_syringe_infusion_pump</td><td style="text-align: left;">An Improper Access Control issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The FTP server on the pump does not require authentication if the pump is configured to allow FTP connections.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12720" target="_blank">CVE-2017-12720</a><br /><a href="http://www.securityfocus.com/bid/100665" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSMA-17-250-02A" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">smiths_medical -- medfusion_4000_wireless_syringe_infusion_pump</td><td style="text-align: left;">A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The pump with default network configuration uses hard-coded credentials to automatically establish a wireless network connection. The pump will establish a wireless network connection even if the pump is Ethernet connected and active; however, if the wireless association is established and the Ethernet cable is attached, the pump does not attach the network stack to the wireless network. In this scenario, all network traffic is instead directed over the wired Ethernet connection.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12725" target="_blank">CVE-2017-12725</a><br /><a href="http://www.securityfocus.com/bid/100665" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSMA-17-250-02A" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">smiths_medical -- medfusion_4000_wireless_syringe_infusion_pump</td><td style="text-align: left;">A Use of Hard-coded Password issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. Telnet on the pump uses hardcoded credentials, which can be used if the pump is configured to allow external communications. Smiths Medical assesses that it is not possible to upload files via Telnet and the impact of this vulnerability is limited to the communications module.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12726" target="_blank">CVE-2017-12726</a><br /><a href="http://www.securityfocus.com/bid/100665" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSMA-17-250-02A" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">sound_exchange_project -- sound_exchange</td><td style="text-align: left;">In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18189" target="_blank">CVE-2017-18189</a><br /><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881121" target="_blank">MISC</a><br /><a href="https://public-inbox.org/sox-devel/20171109114554.16297-1-mans@mansr.com/raw" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">squid_software_foundation -- squid_http_caching_proxy</td><td style="text-align: left;">The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000024" target="_blank">CVE-2018-1000024</a><br /><a href="http://www.squid-cache.org/Advisories/SQUID-2018_1.txt" target="_blank">CONFIRM</a><br /><a href="http://www.squid-cache.org/Versions/" target="_blank">MISC</a><br /><a href="https://lists.debian.org/debian-lts-announce/2018/02/msg00001.html" target="_blank">MLIST</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">squid_software_foundation -- squid_http_caching_proxy</td><td style="text-align: left;">The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000027" target="_blank">CVE-2018-1000027</a><br /><a href="http://www.squid-cache.org/Advisories/SQUID-2018_2.txt" target="_blank">CONFIRM</a><br /><a href="http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2018_2.patch" target="_blank">CONFIRM</a><br /><a href="http://www.squid-cache.org/Versions/v4/changesets/SQUID-2018_2.patch" target="_blank">CONFIRM</a><br /><a href="https://github.com/squid-cache/squid/pull/129/files" target="_blank">CONFIRM</a><br /><a href="https://lists.debian.org/debian-lts-announce/2018/02/msg00001.html" target="_blank">MLIST</a><br /><a href="https://lists.debian.org/debian-lts-announce/2018/02/msg00002.html" target="_blank">MLIST</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">steelcase -- roomwizard</td><td style="text-align: left;">RoomWizard before 4.4.x allows XSS via the HelpAction.action pageName parameter.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7057" target="_blank">CVE-2018-7057</a><br /><a href="http://misteralfa-hack.blogspot.cl/2018/02/steelcase-sala-por-favor-y-todos-tus.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">steelcase -- roomwizard</td><td style="text-align: left;">RoomWizard before 4.4.x allows remote attackers to obtain potentially sensitive information about IP addresses via /getGroupTimeLineJSON.action.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7056" target="_blank">CVE-2018-7056</a><br /><a href="http://misteralfa-hack.blogspot.cl/2018/02/steelcase-sala-por-favor-y-todos-tus.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">steelcase -- roomwizard</td><td style="text-align: left;">GroupViewProxyServlet in RoomWizard before 4.4.x allows SSRF via the url parameter.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7055" target="_blank">CVE-2018-7055</a><br /><a href="http://misteralfa-hack.blogspot.cl/2018/02/steelcase-sala-por-favor-y-todos-tus.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">systemd -- systemd</td><td style="text-align: left;">systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. This occurs even if the fs.protected_symlinks sysctl is turned on.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6954" target="_blank">CVE-2018-6954</a><br /><a href="https://github.com/systemd/systemd/issues/7986" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">systemd -- systemd</td><td style="text-align: left;">In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1049" target="_blank">CVE-2018-1049</a><br /><a href="https://access.redhat.com/errata/RHSA-2018:0260" target="_blank">REDHAT</a><br /><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1534701" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">tenda -- ac15_ router</td><td style="text-align: left;">An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5767" target="_blank">CVE-2018-5767</a><br /><a href="https://www.fidusinfosec.com/remote-code-execution-cve-2018-5767/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">tiki -- tiki</td><td style="text-align: left;">An XSS vulnerability (via an SVG image) in Tiki before 18 allows an authenticated user to gain administrator privileges if an administrator opens a wiki page with a malicious SVG image, related to lib/filegals/filegallib.php.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7188" target="_blank">CVE-2018-7188</a><br /><a href="http://openwall.com/lists/oss-security/2018/02/16/1" target="_blank">MISC</a><br /><a href="https://sourceforge.net/p/tikiwiki/code/65327" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">trend_micro -- interscan_messaging_security_virtual_appliance</td><td style="text-align: left;">A vulnerability in the Trend Micro InterScan Messaging Security Virtual Appliance 9.0 and 9.1 management portal could allow an unauthenticated user to access sensitive information in a particular log file that could be used to bypass authentication on vulnerable installations.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-3609" target="_blank">CVE-2018-3609</a><br /><a href="https://korelogic.com/Resources/Advisories/KL-001-2018-006.txt" target="_blank">MISC</a><br /><a href="https://success.trendmicro.com/jp/solution/1119290" target="_blank">MISC</a><br /><a href="https://success.trendmicro.com/solution/1119277" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">trend_micro -- user-mode_hooking_module</td><td style="text-align: left;">A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable system.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6218" target="_blank">CVE-2018-6218</a><br /><a href="https://jvn.jp/jp/JVN28865183/" target="_blank">JVN</a><br /><a href="https://success.trendmicro.com/jp/solution/1119348" target="_blank">MISC</a><br /><a href="https://success.trendmicro.com/solution/1119326" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">trendnet -- multiple_devices</td><td style="text-align: left;">TRENDnet TEW-751DR v1.03B03, TEW-752DRU v1.03B01, and TEW733GR v1.03B01 devices allow authentication bypass via an AUTHORIZED_GROUP=1 value, as demonstrated by a request for getcfg.php.</td><td style="text-align: center;">2018-02-14</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7034" target="_blank">CVE-2018-7034</a><br /><a href="https://blogs.securiteam.com/index.php/archives/3627" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">trixbox -- trixbox</td><td style="text-align: left;">trixbox 2.8.0.4 has XSS via the PATH_INFO to /maint/index.php or /user/includes/language/langChooser.php.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14536" target="_blank">CVE-2017-14536</a><br /><a href="http://www.securityfocus.com/bid/103009" target="_blank">BID</a><br /><a href="https://secur1tyadvisory.wordpress.com/2018/02/13/trixbox-multiple-cross-site-scripting-vulnerabilities/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">trixbox -- trixbox</td><td style="text-align: left;">trixbox 2.8.0.4 has path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14537" target="_blank">CVE-2017-14537</a><br /><a href="http://www.securityfocus.com/bid/103007" target="_blank">BID</a><br /><a href="https://secur1tyadvisory.wordpress.com/2018/02/13/trixbox-multiple-path-traversal-vulnerabilities-cve-2017-14537/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">trixbox -- trixbox</td><td style="text-align: left;">trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14535" target="_blank">CVE-2017-14535</a><br /><a href="http://www.securityfocus.com/bid/103004" target="_blank">BID</a><br /><a href="https://secur1tyadvisory.wordpress.com/2018/02/11/trixbox-os-command-injection-vulnerability-cve-2017-14535/" target="_blank">MISC</a><br /><a href="https://twitter.com/tiger_tigerboy/status/962689803270500352" target="_blank">MISC</a><br /><a href="https://www.linkedin.com/pulse/trixbox-os-command-injection-vulnerability-sachin-wagh-ceh-ecsa-/?published=t" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">typesetter -- typesetter</td><td style="text-align: left;">An issue was discovered in Typesetter 5.1. The User Permissions page (aka Admin/Users) suffers from critical flaw of Cross Site Request forgery: using a forged HTTP request, a malicious user can lead a user to unknowingly create / delete or modify a user account due to the lack of an anti-CSRF token.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6888" target="_blank">CVE-2018-6888</a><br /><a href="https://securitywarrior9.blogspot.in/2018/02/cross-site-request-forgery-type-setter.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">typesetter -- typesetter</td><td style="text-align: left;">An issue was discovered in Typesetter 5.1. It suffers from a Host header injection vulnerability, Using this attack, a malicious user can poison the web cache or perform advanced password reset attacks or even trigger arbitrary user re-direction.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6889" target="_blank">CVE-2018-6889</a><br /><a href="https://securitywarrior9.blogspot.in/2018/02/host-header-injection-type-setter-cms-51.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ubuntu -- shadow</td><td style="text-align: left;">An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7169" target="_blank">CVE-2018-7169</a><br /><a href="https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">wago -- pfc200_series_3s_codesys_runtime</td><td style="text-align: left;">An Improper Authentication issue was discovered in WAGO PFC200 Series 3S CoDeSys Runtime versions 2.3.X and 2.4.X. An attacker can execute different unauthenticated remote operations because of the CoDeSys Runtime application, which is available via network by default on Port 2455. An attacker could execute some unauthenticated commands such as reading, writing, or deleting arbitrary files, or manipulate the PLC application during runtime by sending specially-crafted TCP packets to Port 2455.</td><td style="text-align: center;">2018-02-13</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5459" target="_blank">CVE-2018-5459</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSA-18-044-01" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">wordpress -- wordpress</td><td style="text-align: left;">Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via a jQuery.ajax request to ng-payment_details_dialog.js.</td><td style="text-align: center;">2018-02-11</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6891" target="_blank">CVE-2018-6891</a><br /><a href="https://wordpress.org/plugins/bookly-responsive-appointment-booking-tool/#developers" target="_blank">MISC</a><br /><a href="https://www.gubello.me/blog/bookly-blind-stored-xss/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">wordpress -- wordpress</td><td style="text-align: left;">core/lib/upload/um-file-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6944" target="_blank">CVE-2018-6944</a><br /><a href="https://packetstormsecurity.com/files/146403/WordPress-UltimateMember-2.0-Cross-Site-Scripting.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">wordpress -- wordpress</td><td style="text-align: left;">core/lib/upload/um-image-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable.</td><td style="text-align: center;">2018-02-16</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6943" target="_blank">CVE-2018-6943</a><br /><a href="https://packetstormsecurity.com/files/146403/WordPress-UltimateMember-2.0-Cross-Site-Scripting.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">xpdf -- xpdf</td><td style="text-align: left;">A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7173" target="_blank">CVE-2018-7173</a><br /><a href="https://forum.xpdfreader.com/viewtopic.php?f=3&amp;t=607" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">xpdf -- xpdf</td><td style="text-align: left;">An issue was discovered in xpdf 4.00. A NULL pointer dereference in readCodestream allows an attacker to cause denial of service via a JPX image with zero components.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7175" target="_blank">CVE-2018-7175</a><br /><a href="https://forum.xpdfreader.com/viewtopic.php?f=3&amp;t=613" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">xpdf -- xpdf</td><td style="text-align: left;">An issue was discovered in xpdf 4.00. An infinite loop in XRef::Xref allows an attacker to cause denial of service because loop detection exists only for tables, not streams.</td><td style="text-align: center;">2018-02-15</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-7174" target="_blank">CVE-2018-7174</a><br /><a href="https://forum.xpdfreader.com/viewtopic.php?f=3&amp;t=605" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">zziplib -- zziplib</td><td style="text-align: left;">In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a crash in the __zzip_parse_root_directory function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6869" target="_blank">CVE-2018-6869</a><br /><a href="http://www.securityfocus.com/bid/103050" target="_blank">BID</a><br /><a href="https://github.com/gdraheim/zziplib/issues/22" target="_blank">MISC</a></td></tr></tbody></table><a href="https://www.us-cert.gov#top">Back to top</a></div> <hr /> <p>This product is provided subject to this <a href="http://www.us-cert.gov/privacy/notification">Notification</a> and this <a href="http://www.us-cert.gov/privacy/">Privacy &amp; Use</a> policy.</p> <br />
    SB18-050: Vulnerability Summary for the Week of February 12, 2018
  • Mon, 12 Feb 2018 05:46:58 +0000 Original release date: February 12, 2018 <br /> <p>The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the <a href="http://www.nist.gov">National Institute of Standards and Technology</a> (NIST) <a href="http://nvd.nist.gov">National Vulnerability Database</a> (NVD) in the past week. The NVD is sponsored by the <a href="http://www.dhs.gov">Department of Homeland Security</a> (DHS) <a href="https://www.us-cert.gov/nccic">National Cybersecurity and Communications Integration Center</a> (NCCIC) / <a href="https://www.us-cert.gov">United States Computer Emergency Readiness Team</a> (US-CERT). For modified or updated entries, please visit the <a href="http://nvd.nist.gov" target="_blank">NVD</a>, which contains historical vulnerability information.</p><p>The vulnerabilities are based on the <a href="http://cve.mitre.org/" target="_blank">CVE</a> vulnerability naming standard and are organized according to severity, determined by the <a href="http://nvd.nist.gov/cvss.cfm" target="_blank">Common Vulnerability Scoring System</a> (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:</p><ul><li><p><strong><a href="#high">High</a></strong> - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0</p></li><li><p><strong><a href="#medium">Medium</a></strong> - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9</p></li><li><p><strong><a href="#low">Low</a></strong> - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9</p></li></ul><p>Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.</p> <p><a id="high" name="high"> </a></p><div id="high_v"><h2 id="high_v_title">High Vulnerabilities</h2><table align="center" border="1" summary="High Vulnerabilities"><thead><tr><th class="vendor-product" scope="col" style="width: 24%;">Primary<br />Vendor -- Product</th><th scope="col" style="width: 44%;">Description</th><th scope="col" style="width: 8%;">Published</th><th scope="col" style="width: 4%;">CVSS Score</th><th scope="col" style="width: 10%;">Source &amp; Patch Info</th></tr></thead><tbody><tr><td align="center" colspan="5">There were no high vulnerabilities recorded this week.</td></tr></tbody></table><a href="https://www.us-cert.gov#top">Back to top</a></div><p><a id="medium" name="medium"> </a></p><div id="medium_v"><h2 id="medium_v_title">Medium Vulnerabilities</h2><table align="center" border="1" summary="Medium Vulnerabilities"><thead><tr><th class="vendor-product" scope="col" style="width: 24%;">Primary<br />Vendor -- Product</th><th scope="col" style="width: 44%;">Description</th><th scope="col" style="width: 8%;">Published</th><th scope="col" style="width: 4%;">CVSS Score</th><th scope="col" style="width: 10%;">Source &amp; Patch Info</th></tr></thead><tbody><tr><td align="center" colspan="5">There were no medium vulnerabilities recorded this week.</td></tr></tbody></table><a href="https://www.us-cert.gov#top">Back to top</a></div><p><a id="low" name="low"> </a></p><div id="low_v"><h2 id="low_v_title">Low Vulnerabilities</h2><table align="center" border="1" summary="Low Vulnerabilities"><thead><tr><th class="vendor-product" scope="col" style="width: 24%;">Primary<br />Vendor -- Product</th><th scope="col" style="width: 44%;">Description</th><th scope="col" style="width: 8%;">Published</th><th scope="col" style="width: 4%;">CVSS Score</th><th scope="col" style="width: 10%;">Source &amp; Patch Info</th></tr></thead><tbody><tr><td align="center" colspan="5">There were no low vulnerabilities recorded this week.</td></tr></tbody></table><a href="https://www.us-cert.gov#top">Back to top</a></div><p><a id="severity_not_yet_assigned" name="severity_not_yet_assigned"> </a></p><div id="snya_v"><h2 id="snya_v_title">Severity Not Yet Assigned</h2><table align="center" border="1" id="table_severity_not_yet_assigned" summary="Severity Not Yet Assigned"><thead><tr><th class="vendor-product" scope="col" style="width: 24%;">Primary<br />Vendor -- Product</th><th scope="col" style="width: 44%;">Description</th><th scope="col" style="width: 8%;">Published</th><th scope="col" style="width: 4%;">CVSS Score</th><th scope="col" style="width: 10%;">Source &amp; Patch Info</th></tr></thead><tbody><tr><td class="vendor-product" scope="row" style="text-align: left;">abrt -- abrt<br /> </td><td style="text-align: left;">The crash reporting feature in Abrt allows local users to gain privileges by leveraging an execve by root after a chroot into a user-specified directory in a namedspaced environment.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1862" target="_blank">CVE-2015-1862</a><br /><a href="http://packetstormsecurity.com/files/131422/Fedora-abrt-Race-Condition.html" target="_blank">MISC</a><br /><a href="http://packetstormsecurity.com/files/131423/Linux-Apport-Abrt-Local-Root-Exploit.html" target="_blank">MISC</a><br /><a href="http://packetstormsecurity.com/files/131429/Abrt-Apport-Race-Condition-Symlink.html" target="_blank">MISC</a><br /><a href="http://seclists.org/fulldisclosure/2015/Apr/34" target="_blank">FULLDISC</a><br /><a href="http://www.openwall.com/lists/oss-security/2015/04/14/4" target="_blank">MLIST</a><br /><a href="http://www.securityfocus.com/bid/74263" target="_blank">BID</a><br /><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1211223" target="_blank">CONFIRM</a><br /><a href="https://github.com/abrt/abrt/pull/810" target="_blank">CONFIRM</a><br /><a href="https://www.exploit-db.com/exploits/36746/" target="_blank">EXPLOIT-DB</a><br /><a href="https://www.exploit-db.com/exploits/36747/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">adobe -- flash_player<br /> </td><td style="text-align: left;">A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to quality of service functionality. A successful attack can lead to arbitrary code execution.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-4877" target="_blank">CVE-2018-4877</a><br /><a href="http://www.securityfocus.com/bid/102930" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2018:0285" target="_blank">REDHAT</a><br /><a href="https://helpx.adobe.com/security/products/flash-player/apsb18-03.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">adobe -- flash_player<br /> </td><td style="text-align: left;">A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to the handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-4878" target="_blank">CVE-2018-4878</a><br /><a href="http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html" target="_blank">MISC</a><br /><a href="http://www.securityfocus.com/bid/102893" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040318" target="_blank">SECTRACK</a><br /><a href="https://access.redhat.com/errata/RHSA-2018:0285" target="_blank">REDHAT</a><br /><a href="https://helpx.adobe.com/security/products/flash-player/apsb18-03.html" target="_blank">MISC</a><br /><a href="https://threatpost.com/adobe-flash-player-zero-day-spotted-in-the-wild/129742/" target="_blank">MISC</a><br /><a href="https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html" target="_blank">MISC</a><br /><a href="https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/north-korean-hackers-allegedly-exploit-adobe-flash-player-vulnerability-cve-2018-4878-against-south-korean-targets" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">anymail -- anymail<br /> </td><td style="text-align: left;">webhooks/base.py in Anymail (aka django-anymail) before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOK_AUTHORIZATION secret, which allows remote attackers to post arbitrary e-mail tracking events.</td><td style="text-align: center;">2018-02-03</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6596" target="_blank">CVE-2018-6596</a><br /><a href="https://bugs.debian.org/889450" target="_blank">CONFIRM</a><br /><a href="https://github.com/anymail/django-anymail/commit/c07998304b4a31df4c61deddcb03d3607a04691b" target="_blank">CONFIRM</a><br /><a href="https://github.com/anymail/django-anymail/commit/db586ede1fbb41dce21310ea28ae15a1cf1286c5" target="_blank">CONFIRM</a><br /><a href="https://github.com/anymail/django-anymail/releases/tag/v1.2.1" target="_blank">CONFIRM</a><br /><a href="https://github.com/anymail/django-anymail/releases/tag/v1.3" target="_blank">CONFIRM</a><br /><a href="https://www.debian.org/security/2018/dsa-4107" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- allura<br /> </td><td style="text-align: left;">In Apache Allura before 1.8.0, unauthenticated attackers may retrieve arbitrary files through the Allura web application. Some webservers used with Allura, such as Nginx, Apache/mod_wsgi or paster may prevent the attack from succeeding. Others, such as gunicorn do not prevent it and leave Allura vulnerable.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1299" target="_blank">CVE-2018-1299</a><br /><a href="https://allura.apache.org/posts/2018-allura-1.8.0.html" target="_blank">CONFIRM</a><br /><a href="https://lists.apache.org/thread.html/b52069073cf3cb0f84c9e1e2b34d411fc163af39e4f3e50712ac8a4d@%3Cdev.allura.apache.org%3E" target="_blank">MLIST</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- cloudstack<br /> </td><td style="text-align: left;">In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their own.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4317" target="_blank">CVE-2013-4317</a><br /><a href="http://seclists.org/oss-sec/2018/q1/1" target="_blank">MLIST</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- cloudstack<br /> </td><td style="text-align: left;">Apache CloudStack 4.1 to 4.8.1.0 and 4.9.0.0 contain an API call designed to allow a user to register for the developer API. If a malicious user is able to determine the ID of another (non-"root") CloudStack user, the malicious user may be able to reset the API keys for the other user, in turn accessing their account and resources.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6813" target="_blank">CVE-2016-6813</a><br /><a href="http://mail-archives.apache.org/mod_mbox/www-announce/201610.mbox/%3CCAJtfqCupOYQoNY2BNx86_zauses_MpmpiX8WciO_DEaWp6uNig@mail.gmail.com%3E" target="_blank">MLIST</a><br /><a href="http://www.securityfocus.com/bid/93945" target="_blank">BID</a><br /><a href="https://s.apache.org/qV5l" target="_blank">MLIST</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- juddi<br /> </td><td style="text-align: left;">In Apache jUDDI 3.2 through 3.3.4, if using the WADL2Java or WSDL2Java classes, which parse a local or remote XML document and then mediates the data structures into UDDI data structures, there are little protections present against entity expansion and DTD type of attacks. Mitigation is to use 3.3.5.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1307" target="_blank">CVE-2018-1307</a><br /><a href="http://juddi.apache.org/security.html" target="_blank">CONFIRM</a><br /><a href="https://issues.apache.org/jira/browse/JUDDI-987" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- mod-gnutls<br /> </td><td style="text-align: left;">mod-gnutls does not validate client certificates when "GnuTLSClientVerify require" is set in a directory context, which allows remote attackers to spoof clients via a crafted certificate.</td><td style="text-align: center;">2018-02-03</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5144" target="_blank">CVE-2009-5144</a><br /><a href="http://issues.outoforder.cc/view.php?id=93" target="_blank">CONFIRM</a><br /><a href="http://www.openwall.com/lists/oss-security/2015/02/26/6" target="_blank">MLIST</a><br /><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=578663" target="_blank">CONFIRM</a><br /><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1197127" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apache -- qpid_broker<br /> </td><td style="text-align: left;">A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called "Authentication Providers". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1298" target="_blank">CVE-2018-1298</a><br /><a href="https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1@%3Cusers.qpid.apache.org%3E" target="_blank">MLIST</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apport -- apport<br /> </td><td style="text-align: left;">Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14177" target="_blank">CVE-2017-14177</a><br /><a href="https://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3171" target="_blank">CONFIRM</a><br /><a href="https://launchpad.net/bugs/1726372" target="_blank">CONFIRM</a><br /><a href="https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2017-14177" target="_blank">CONFIRM</a><br /><a href="https://usn.ubuntu.com/usn/usn-3480-1" target="_blank">UBUNTU</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apport -- apport<br /> </td><td style="text-align: left;">Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, a different vulnerability than CVE-2017-14179.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14180" target="_blank">CVE-2017-14180</a><br /><a href="https://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3171" target="_blank">CONFIRM</a><br /><a href="https://launchpad.net/bugs/1726372" target="_blank">CONFIRM</a><br /><a href="https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2017-14180" target="_blank">CONFIRM</a><br /><a href="https://usn.ubuntu.com/usn/usn-3480-1" target="_blank">UBUNTU</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">apport -- apport<br /> </td><td style="text-align: left;">Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-14179" target="_blank">CVE-2017-14179</a><br /><a href="https://launchpad.net/bugs/1726372" target="_blank">CONFIRM</a><br /><a href="https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2017-14179" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">armmbed -- mbedtls<br /> </td><td style="text-align: left;">ARM mbedTLS version development branch, 2.7.0 and earlier contains a CWE-670, Incorrect condition control flow leading to incorrect return, leading to data loss vulnerability in ssl_write_real(), library/ssl_tls.c:7142 that can result in Leads to data loss, can be escalated to DoS and authorization bypass in application protocols. This attack appear to be exploitable via network connectivity.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000061" target="_blank">CVE-2018-1000061</a><br /><a href="https://github.com/ARMmbed/mbedtls/issues/1356" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">artifex -- mupdf<br /> </td><td style="text-align: left;">pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6544" target="_blank">CVE-2018-6544</a><br /><a href="http://git.ghostscript.com/?p=mupdf.git;h=26527eef77b3e51c2258c8e40845bfbc015e405d" target="_blank">MISC</a><br /><a href="http://git.ghostscript.com/?p=mupdf.git;h=b03def134988da8c800adac1a38a41a1f09a1d89" target="_blank">MISC</a><br /><a href="https://bugs.ghostscript.com/show_bug.cgi?id=698830" target="_blank">MISC</a><br /><a href="https://bugs.ghostscript.com/show_bug.cgi?id=698965" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">artifex -- mupdf<br /> </td><td style="text-align: left;">Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000051" target="_blank">CVE-2018-1000051</a><br /><a href="https://bugs.ghostscript.com/show_bug.cgi?id=698825" target="_blank">CONFIRM</a><br /><a href="https://bugs.ghostscript.com/show_bug.cgi?id=698873" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- bamboo<br /> </td><td style="text-align: left;">The viewDeploymentVersionCommits resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18040" target="_blank">CVE-2017-18040</a><br /><a href="https://jira.atlassian.com/browse/BAM-19661" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- bamboo<br /> </td><td style="text-align: left;">The update user administration resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify user data including passwords via a Cross-site request forgery (CSRF) vulnerability.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18042" target="_blank">CVE-2017-18042</a><br /><a href="https://jira.atlassian.com/browse/BAM-19663" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- bamboo<br /> </td><td style="text-align: left;">The plan configure branches resource in Atlassian Bamboo before version 6.2.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the name of a branch.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18082" target="_blank">CVE-2017-18082</a><br /><a href="https://jira.atlassian.com/browse/BAM-19666" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- bamboo<br /> </td><td style="text-align: left;">The saveConfigureSecurity resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify security settings via a Cross-site request forgery (CSRF) vulnerability.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18080" target="_blank">CVE-2017-18080</a><br /><a href="https://jira.atlassian.com/browse/BAM-19664" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- bamboo<br /> </td><td style="text-align: left;">The signupUser resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the value of the csrf token cookie.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18081" target="_blank">CVE-2017-18081</a><br /><a href="https://jira.atlassian.com/browse/BAM-19665" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- bamboo<br /> </td><td style="text-align: left;">The viewDeploymentVersionJiraIssuesDialog resource in Atlassian Bamboo before version 6.2.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a release.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18041" target="_blank">CVE-2017-18041</a><br /><a href="https://jira.atlassian.com/browse/BAM-19662" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- bitbucket_server<br /> </td><td style="text-align: left;">The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 before 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 before 5.1.8 (the fixed version for 5.1.x), from version 5.2.0 before 5.2.6 (the fixed version for 5.2.x), from version 5.3.0 before 5.3.4 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.2 (the fixed version for 5.4.x), from version 5.5.0 before 5.5.1 (the fixed version for 5.5.x) and before 5.6.0 allows remote attackers to read arbitrary files via a path traversal vulnerability through the name of a git tag.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18037" target="_blank">CVE-2017-18037</a><br /><a href="https://jira.atlassian.com/browse/BSERV-10595" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- bitbucket_server<br /> </td><td style="text-align: left;">The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery (SSRF) vulnerability.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18036" target="_blank">CVE-2017-18036</a><br /><a href="http://www.securityfocus.com/bid/102932" target="_blank">BID</a><br /><a href="https://jira.atlassian.com/browse/BSERV-10591" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- bitbucket_server<br /> </td><td style="text-align: left;">The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18038" target="_blank">CVE-2017-18038</a><br /><a href="https://jira.atlassian.com/browse/BSERV-10592" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- confluence_server</td><td style="text-align: left;">The viewdefaultdecorator resource in Atlassian Confluence Server before version 6.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the key parameter.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18085" target="_blank">CVE-2017-18085</a><br /><a href="https://jira.atlassian.com/browse/CONFSERVER-54905" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- confluence_server<br /> </td><td style="text-align: left;">The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the contents of an uploaded file.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18083" target="_blank">CVE-2017-18083</a><br /><a href="https://jira.atlassian.com/browse/CONFSERVER-54903" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- confluence_server<br /> </td><td style="text-align: left;">Various resources in Atlassian Confluence Server before version 6.4.2 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuesURL parameter.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18086" target="_blank">CVE-2017-18086</a><br /><a href="https://jira.atlassian.com/browse/CONFSERVER-54907" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- confluence_server<br /> </td><td style="text-align: left;">The usermacros resource in Atlassian Confluence Server before version 6.3.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the description of a macro.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18084" target="_blank">CVE-2017-18084</a><br /><a href="https://jira.atlassian.com/browse/CONFSERVER-54904" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- fisheye_and_crucible<br /> </td><td style="text-align: left;">The /rest/review-coverage-chart/1.0/data/&lt;repository_name&gt;/.json resource in Atlassian Fisheye and Crucible before version 4.5.1 and 4.6.0 was missing a permissions check, this allows remote attackers who do not have access to a particular repository to determine its existence and access review coverage statistics for it.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18035" target="_blank">CVE-2017-18035</a><br /><a href="https://jira.atlassian.com/browse/CRUC-8163" target="_blank">CONFIRM</a><br /><a href="https://jira.atlassian.com/browse/FE-6996" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- fisheye_and_crucible<br /> </td><td style="text-align: left;">The source browse resource in Atlassian FishEye and Crucible before version 4.5.1 and 4.6.0 allows allows remote attackers that have write access to an indexed repository to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in via a specially crafted repository branch name when trying to display deleted files of the branch.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18034" target="_blank">CVE-2017-18034</a><br /><a href="https://jira.atlassian.com/browse/CRUC-8161" target="_blank">CONFIRM</a><br /><a href="https://jira.atlassian.com/browse/FE-6994" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">atlassian -- jira<br /> </td><td style="text-align: left;">The IncomingMailServers resource in Atlassian Jira from version 6.2.1 before version 7.4.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the messagesThreshold parameter.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18039" target="_blank">CVE-2017-18039</a><br /><a href="https://jira.atlassian.com/browse/JRASERVER-66719" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">audacity -- audacity<br /> </td><td style="text-align: left;">Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted FORMATCHUNK structure.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2540" target="_blank">CVE-2016-2540</a><br /><a href="http://wiki.audacityteam.org/wiki/Release_Notes_2.1.2" target="_blank">CONFIRM</a><br /><a href="https://fortiguard.com/zeroday/FG-VD-15-116" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">audacity -- audacity<br /> </td><td style="text-align: left;">Audacity before 2.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted MP2 file.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2541" target="_blank">CVE-2016-2541</a><br /><a href="http://wiki.audacityteam.org/wiki/Release_Notes_2.1.2" target="_blank">CONFIRM</a><br /><a href="https://fortiguard.com/zeroday/FG-VD-15-118" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">avaya -- aura<br /> </td><td style="text-align: left;">System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote attackers to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896.</td><td style="text-align: center;">2018-02-05</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6635" target="_blank">CVE-2018-6635</a><br /><a href="http://www.securityfocus.com/bid/102940" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040329" target="_blank">SECTRACK</a><br /><a href="https://downloads.avaya.com/css/P8/documents/101038598" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">bitpay -- insight-api<br /> </td><td style="text-align: left;">Bitpay/insight-api Insight-api version 5.0.0 and earlier contains a CWE-20: input validation vulnerability in transaction broadcast endpoint that can result in Full Path Disclosure. This attack appear to be exploitable via Web request.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000023" target="_blank">CVE-2018-1000023</a><br /><a href="https://github.com/bitpay/insight-api/issues/542" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">boot2docker -- boot2docker</td><td style="text-align: left;">Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5282" target="_blank">CVE-2014-5282</a><br /><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1168436" target="_blank">CONFIRM</a><br /><a href="https://groups.google.com/forum/#%21msg/docker-announce/aQoVmQlcE0A/smPuBNYf8VwJ" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">boot2docker -- boot2docker<br /> </td><td style="text-align: left;">boot2docker 1.2 and earlier allows attackers to conduct cross-site request forgery (CSRF) attacks by leveraging Docker daemons enabling TCP connections without TLS authentication.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5280" target="_blank">CVE-2014-5280</a><br /><a href="https://groups.google.com/forum/#%21msg/docker-announce/aQoVmQlcE0A/smPuBNYf8VwJ" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">boot2docker -- boot2docker<br /> </td><td style="text-align: left;">The Docker daemon managed by boot2docker 1.2 and earlier improperly enables unauthenticated TCP connections by default, which makes it easier for remote attackers to gain privileges or execute arbitrary code from children containers.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5279" target="_blank">CVE-2014-5279</a><br /><a href="https://groups.google.com/forum/#%21msg/docker-announce/aQoVmQlcE0A/smPuBNYf8VwJ" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">borg -- borg_servers<br /> </td><td style="text-align: left;">Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers 1.1.x before 1.1.3.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15914" target="_blank">CVE-2017-15914</a><br /><a href="http://borgbackup.readthedocs.io/en/stable/changes.html#version-1-1-3-2017-11-27" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">brocade -- fabric_os<br /> </td><td style="text-align: left;">Cross-site scripting (XSS) vulnerability in the web-based management interface of Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow remote attackers to execute arbitrary code or access sensitive browser-based information.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6225" target="_blank">CVE-2017-6225</a><br /><a href="http://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2018-525.htm" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">brocade -- fabric_os<br /> </td><td style="text-align: left;">A vulnerability in the IPv6 stack on Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) versions before 7.4.2b, 8.1.2 and 8.2.0 could allow an attacker to cause a denial of service (CPU consumption and device hang) condition by sending crafted Router Advertisement (RA) messages to a targeted system.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6227" target="_blank">CVE-2017-6227</a><br /><a href="http://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2018-526.htm" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">canvs_canvas -- canvs_canvas<br /> </td><td style="text-align: left;">Canvs Canvas version 3.4.2 contains a Cross Site Scripting (XSS) vulnerability in User's details that can result in denial of service and execution of javascript code.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1000507" target="_blank">CVE-2017-1000507</a><br /><a href="https://github.com/cnvs/canvas/issues/359" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite<br /> </td><td style="text-align: left;">ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified impact via a crafted file, which triggers infinite recursion and a stack overflow.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12412" target="_blank">CVE-2017-12412</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/128" target="_blank">CONFIRM</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite<br /> </td><td style="text-align: left;">ccnl_ccntlv_bytes2pkt in CCN-lite allows context-dependent attackers to cause a denial of service (application crash) via vectors involving packets with "wrong L values."</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12473" target="_blank">CVE-2017-12473</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/139" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite<br /> </td><td style="text-align: left;">Memory leak in the ccnl_app_RX function in ccnl-uapi.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) via vectors involving an envelope_s structure pointer when the packet format is unknown.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12463" target="_blank">CVE-2017-12463</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/129" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite<br /> </td><td style="text-align: left;">Integer overflow in the ndn_parse_sequence function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors involving the typ and vallen variables.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12470" target="_blank">CVE-2017-12470</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/136" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite<br /> </td><td style="text-align: left;">ccn-lite-valid.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via vectors involving the keyfile variable.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12464" target="_blank">CVE-2017-12464</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/130" target="_blank">CONFIRM</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite<br /> </td><td style="text-align: left;">CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors related to ssl_halen when running ccn-lite-sim, which trigger an out-of-bounds access.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12466" target="_blank">CVE-2017-12466</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/132" target="_blank">CONFIRM</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite<br /> </td><td style="text-align: left;">Buffer overflow in util/ccnl-common.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging incorrect memory allocation.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12469" target="_blank">CVE-2017-12469</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/135" target="_blank">CONFIRM</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite<br /> </td><td style="text-align: left;">Memory leak in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) by leveraging failure to allocate memory for the comp or complen structure member.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12467" target="_blank">CVE-2017-12467</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/133" target="_blank">CONFIRM</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite<br /> </td><td style="text-align: left;">Multiple integer overflows in CCN-lite before 2.00 allow context-dependent attackers to have unspecified impact via vectors involving the (1) vallen variable in the iottlv_parse_sequence function or (2) typ, vallen and i variables in the localrpc_parse function.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12465" target="_blank">CVE-2017-12465</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/131" target="_blank">CONFIRM</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite<br /> </td><td style="text-align: left;">Buffer overflow in ccn-lite-ccnb2xml.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors involving the vallen and len variables.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12468" target="_blank">CVE-2017-12468</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/134" target="_blank">CONFIRM</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite<br /> </td><td style="text-align: left;">The cnb_parse_lev function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging failure to check for out-of-bounds conditions, which triggers an invalid read in the hexdump function.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12471" target="_blank">CVE-2017-12471</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/137" target="_blank">CONFIRM</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ccn-lite -- ccn-lite<br /> </td><td style="text-align: left;">ccnl-ext-mgmt.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging missing NULL pointer checks after ccnl_malloc.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-12472" target="_blank">CVE-2017-12472</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/issues/138" target="_blank">CONFIRM</a><br /><a href="https://github.com/cn-uofbasel/ccn-lite/releases/tag/2.0.0" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- data_center_analytics_framework<br /> </td><td style="text-align: left;">A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvh02088.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0129" target="_blank">CVE-2018-0129</a><br /><a href="http://www.securityfocus.com/bid/102959" target="_blank">BID</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-dcaf1" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- data_center_analytics_framework<br /> </td><td style="text-align: left;">A vulnerability in the web-based management interface of Cisco Data Center Analytics Framework could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvh02082.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0128" target="_blank">CVE-2018-0128</a><br /><a href="http://www.securityfocus.com/bid/102960" target="_blank">BID</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-dcaf" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- email_security_appliance_and _content_security_management_appliance<br /> </td><td style="text-align: left;">A vulnerability in the spam quarantine of Cisco Email Security Appliance and Cisco Content Security Management Appliance could allow an authenticated, remote attacker to download any message from the spam quarantine by modifying browser string information. The vulnerability is due to a lack of verification of authenticated user accounts. An attacker could exploit this vulnerability by modifying browser strings to see messages submitted by other users to the spam quarantine within their company. Cisco Bug IDs: CSCvg39759, CSCvg42295.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0140" target="_blank">CVE-2018-0140</a><br /><a href="http://www.securitytracker.com/id/1040338" target="_blank">SECTRACK</a><br /><a href="http://www.securitytracker.com/id/1040339" target="_blank">SECTRACK</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-esacsm" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- firepower_system_software<br /> </td><td style="text-align: left;">A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected software does not detect BitTorrent handshake messages correctly. An attacker could exploit this vulnerability by sending a crafted BitTorrent connection request to an affected device. A successful exploit could allow the attacker to bypass file policies that are configured to block files transmitted to the affected device via the BitTorrent protocol. Cisco Bug IDs: CSCve26946.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0138" target="_blank">CVE-2018-0138</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-fss" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- ios_and_ios_xe_software<br /> </td><td style="text-align: left;">A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files. These system files may be sensitive and should not be able to be overwritten by a user of the diagnostic shell. The vulnerability is due to lack of proper input validation for certain diagnostic shell commands. An attacker could exploit this vulnerability by authenticating to the device, entering the diagnostic shell, and providing crafted user input to commands at the local diagnostic shell CLI. Successful exploitation could allow the attacker to overwrite system files that should be restricted. Cisco Bug IDs: CSCvg41950.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0123" target="_blank">CVE-2018-0123</a><br /><a href="http://www.securitytracker.com/id/1040346" target="_blank">SECTRACK</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-ios" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- ios_xr_software</td><td style="text-align: left;">A vulnerability in the forwarding information base (FIB) code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause inconsistency between the routing information base (RIB) and the FIB, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect processing of extremely long routing updates. An attacker could exploit this vulnerability by sending a large routing update. A successful exploit could allow the attacker to trigger inconsistency between the FIB and the RIB, resulting in a DoS condition. Cisco Bug IDs: CSCus84718.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0132" target="_blank">CVE-2018-0132</a><br /><a href="http://www.securitytracker.com/id/1040344" target="_blank">SECTRACK</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-iosxr" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- policy_suite<br /> </td><td style="text-align: left;">A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthenticated, remote attacker to determine whether a subscriber username is valid. The vulnerability occurs because the Cisco Policy Suite RADIUS server component returns different authentication failure messages based on the validity of usernames. An attacker could use these messages to determine whether a valid subscriber username has been identified. The attacker could use this information in subsequent attacks against the system. Cisco Bug IDs: CSCvg47830.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0134" target="_blank">CVE-2018-0134</a><br /><a href="http://www.securityfocus.com/bid/102954" target="_blank">BID</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-cps1" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;"><p>cisco -- policy_suite</p><br /> </td><td style="text-align: left;">A vulnerability in the RADIUS authentication module of Cisco Policy Suite could allow an unauthenticated, remote attacker to be authorized as a subscriber without providing a valid password; however, the attacker must provide a valid username. The vulnerability is due to incorrect RADIUS user credential validation. An attacker could exploit this vulnerability by attempting to access a Cisco Policy Suite domain configured with RADIUS authentication. An exploit could allow the attacker to be authorized as a subscriber without providing a valid password. This vulnerability affects the Cisco Policy Suite application running a release prior to 13.1.0 with Hotfix Patch 1 when RADIUS authentication is configured for a domain. Cisco Policy Suite Release 14.0.0 is also affected, as it includes vulnerable code, but RADIUS authentication is not officially supported in Cisco Policy Suite Releases 14.0.0 and later. Cisco Bug IDs: CSCvg40124.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0116" target="_blank">CVE-2018-0116</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-cps" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;"><p>cisco -- prime_network</p><br /> </td><td style="text-align: left;">A vulnerability in the TCP throttling process of Cisco Prime Network could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate limiting protection for TCP listening ports. An attacker could exploit this vulnerability by sending the affected device a high rate of TCP SYN packets to the local IP address of the targeted application. A successful exploit could allow the attacker to cause the device to consume a high amount of memory and become slow, or to stop accepting new TCP connections to the application. Cisco Bug IDs: CSCvg48152.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0137" target="_blank">CVE-2018-0137</a><br /><a href="http://www.securityfocus.com/bid/102955" target="_blank">BID</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-cpn" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;"><p>cisco -- rv132w_adsl2+_wireless-n_vpn_ and _rv134w_vdsl2_wireless-ac_vpn_routers</p><br /> </td><td style="text-align: left;">A vulnerability in the web interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to view configuration parameters for an affected device, which could lead to the disclosure of confidential information. The vulnerability is due to the absence of user authentication requirements for certain pages that are part of the web interface and contain confidential information for an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device and examining the HTTP response to the request. A successful exploit could allow the attacker to view configuration parameters, including the administrator password, for the affected device. Cisco Bug IDs: CSCvg92739, CSCvh60172.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0127" target="_blank">CVE-2018-0127</a><br /><a href="http://www.securitytracker.com/id/1040345" target="_blank">SECTRACK</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-rv13x_2" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- rv132w_adsl2+_wireless-n_vpn_and_rv134w_vdsl2_wireless-ac_vpn_routers<br /> </td><td style="text-align: left;">A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to an incomplete input validation on user-controlled input in an HTTP request to the targeted device. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user and gain full control of the affected system or cause it to reload, resulting in a DoS condition. This vulnerability is fixed in firmware version 1.0.1.11 for the following Cisco products: RV132W ADSL2+ Wireless-N VPN Router and RV134W VDSL2 Wireless-AC VPN Router. Cisco Bug IDs: CSCvg92737, CSCvh60170.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0125" target="_blank">CVE-2018-0125</a><br /><a href="http://www.securitytracker.com/id/1040336" target="_blank">SECTRACK</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-rv13x" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- spark<br /> </td><td style="text-align: left;">A vulnerability in certain authentication controls in the account services of Cisco Spark could allow an authenticated, remote attacker to interact with and view information on an affected device that would normally be prohibited. The vulnerability is due to the improper display of user-account tokens generated in the system. An attacker could exploit this vulnerability by logging in to the device with a token in use by another account. Successful exploitation could allow the attacker to cause a partial impact to the device's confidentiality, integrity, and availability. Cisco Bug IDs: CSCvg05206.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0119" target="_blank">CVE-2018-0119</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-spark" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;"><p>cisco -- staros_operating_system_for_cisco_asr_5000_series_aggregation_services_routers</p><br /> </td><td style="text-align: left;">A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the affected operating system. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command for the affected operating system. A successful exploit could allow the attacker to overwrite or modify arbitrary files that are stored in the flash memory of an affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvf93335.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0122" target="_blank">CVE-2018-0122</a><br /><a href="http://www.securitytracker.com/id/1040340" target="_blank">SECTRACK</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-asr" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- ucs_central<br /> </td><td style="text-align: left;">A vulnerability in an operations script of Cisco UCS Central could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the daemon user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by posting a crafted request to the user interface of Cisco UCS Central. This vulnerability affects Cisco UCS Central Software prior to Release 2.0(1c). Cisco Bug IDs: CSCve70825.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0113" target="_blank">CVE-2018-0113</a><br /><a href="http://www.securitytracker.com/id/1040337" target="_blank">SECTRACK</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-ucsc" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- unified_communications_manager<br /> </td><td style="text-align: left;">A vulnerability in Cisco Unified Communications Manager could allow an authenticated, remote attacker to access sensitive information on an affected system. The vulnerability exists because the affected software improperly validates user-supplied search input. An attacker could exploit this vulnerability by sending malicious requests to an affected system. A successful exploit could allow the attacker to retrieve sensitive information from the affected system. Cisco Bug IDs: CSCvf17644.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0135" target="_blank">CVE-2018-0135</a><br /><a href="http://www.securitytracker.com/id/1040343" target="_blank">SECTRACK</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-ucm" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- unified_communications_manager<br /> </td><td style="text-align: left;">A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct an SQL injection attack against an affected system. The vulnerability exists because the affected software fails to validate user-supplied input in certain SQL queries that bypass protection filters. An attacker could exploit this vulnerability by submitting crafted HTTP requests that contain malicious SQL statements to an affected system. A successful exploit could allow the attacker to determine the presence of certain values in the database of the affected system. Cisco Bug IDs: CSCvg74810.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0120" target="_blank">CVE-2018-0120</a><br /><a href="http://www.securityfocus.com/bid/102958" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1040341" target="_blank">SECTRACK</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-cucm" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cisco -- virtualized_packet_core-distributed_instance_software</td><td style="text-align: left;">A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending malicious traffic to the internal distributed instance (DI) network address on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability affects Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software N4.0 through N5.5 with the Cisco StarOS operating system 19.2 through 21.3. Cisco Bug IDs: CSCve17656.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0117" target="_blank">CVE-2018-0117</a><br /><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-vpcdi" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">claymore -- dual_gpu_miner<br /> </td><td style="text-align: left;">The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an unauthenticated format string vulnerability, allowing remote attackers to read memory or cause a denial of service.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6317" target="_blank">CVE-2018-6317</a><br /><a href="https://medium.com/@res1n/claymore-dual-gpu-miner-10-5-format-strings-vulnerability-916ab3d2db30" target="_blank">MISC</a><br /><a href="https://www.exploit-db.com/exploits/43972/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">claymore -- dual_gpu_miner<br /> </td><td style="text-align: left;">nanopool Claymore Dual Miner version 7.3 and earlier contains a Remote Code Execution vulnerability in API that can result in RCE by abusing the remote manager API. This attack appear to be exploitable via The victim must run the miner with read/write mode enabled.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000049" target="_blank">CVE-2018-1000049</a><br /><a href="https://reversebrain.github.io/2018/02/01/Claymore-Dual-Miner-Remote-Code-Execution/" target="_blank">MISC</a><br /><a href="https://twitter.com/ReverseBrain/status/951850534985662464" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cloudera -- cloudera<br /> </td><td style="text-align: left;">An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0. Several web application vulnerabilities allow malicious authenticated users of CDSW to escalate privileges in CDSW. CDSW users can exploit these vulnerabilities in combination to gain root access to CDSW nodes, gain access to the CDSW database which includes Kerberos keytabs of CDSW users and bcrypt hashed passwords, and gain access to other privileged information such as session tokens, invitation tokens, and environment variables.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15536" target="_blank">CVE-2017-15536</a><br /><a href="https://www.cloudera.com/documentation/other/security-bulletins/topics/Security-Bulletin.html#tsb_248" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">cozy -- cozy<br /> </td><td style="text-align: left;">Cozy has XSS allowing remote attackers to obtain administrative access via JavaScript code in the url parameter to the /api/proxy URI, as demonstrated by an XMLHttpRequest call with an 'email:"attacker@example.com"' request, which can be followed by a password reset.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6824" target="_blank">CVE-2018-6824</a><br /><a href="http://www.lynxsecurity.io/releases/XSS%20to%20Account%20Takeover%20in%20Cozy%20Cloud.pdf" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">croogo -- croogo<br /> </td><td style="text-align: left;">Croogo version 2.3.1-17-g6f82e6c contains a Cross Site Scripting (XSS) vulnerability in Page name that can result in execution of javascript code.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1000510" target="_blank">CVE-2017-1000510</a><br /><a href="https://github.com/croogo/croogo/issues/847" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">django -- django<br /> </td><td style="text-align: left;">django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6188" target="_blank">CVE-2018-6188</a><br /><a href="https://www.djangoproject.com/weblog/2018/feb/01/security-releases/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">dojo -- dojo_toolkit<br /> </td><td style="text-align: left;">dijit.Editor in Dojo Toolkit 1.13 allows XSS via the onload attribute of an SVG element.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6561" target="_blank">CVE-2018-6561</a><br /><a href="https://github.com/imsebao/404team/blob/master/dijit_editor_xss.md" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">dokuwiki -- dokuwiki<br /> </td><td style="text-align: left;">The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs.</td><td style="text-align: center;">2018-02-03</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18123" target="_blank">CVE-2017-18123</a><br /><a href="https://github.com/splitbrain/dokuwiki/commit/238b8e878ad48f370903465192b57c2072f65d86" target="_blank">MISC</a><br /><a href="https://github.com/splitbrain/dokuwiki/issues/2029" target="_blank">MISC</a><br /><a href="https://github.com/splitbrain/dokuwiki/pull/2019" target="_blank">MISC</a><br /><a href="https://hackerone.com/reports/238316" target="_blank">MISC</a><br /><a href="https://lists.debian.org/debian-lts-announce/2018/02/msg00004.html" target="_blank">MLIST</a><br /><a href="https://vulnhive.com/2018/000004" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">dolibarr -- dolibarr<br /> </td><td style="text-align: left;">Dolibarr version 6.0.2 contains a Cross Site Scripting (XSS) vulnerability in Product details that can result in execution of javascript code.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1000509" target="_blank">CVE-2017-1000509</a><br /><a href="https://github.com/Dolibarr/dolibarr/issues/7727" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">echor -- echor</td><td style="text-align: left;">The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1834" target="_blank">CVE-2014-1834</a><br /><a href="http://www.openwall.com/lists/oss-security/2014/01/31/10" target="_blank">MLIST</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">echor -- echor<br /> </td><td style="text-align: left;">The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1835" target="_blank">CVE-2014-1835</a><br /><a href="http://www.openwall.com/lists/oss-security/2014/01/31/10" target="_blank">MLIST</a><br /><a href="http://xforce.iss.net/xforce/xfdb/90858" target="_blank">XF</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">edx -- edx<br /> </td><td style="text-align: left;">The Ansible edxapp role in the Configuration Repo in edX allows remote websites to spoof edX accounts by leveraging use of the string literal "False" instead of a boolean False for the CORS_ORIGIN_ALLOW_ALL setting. Note: this vulnerability was fixed on 2015-03-06, but the version number was not changed.</td><td style="text-align: center;">2018-02-03</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2186" target="_blank">CVE-2015-2186</a><br /><a href="https://github.com/edx/configuration/pull/1885/files" target="_blank">CONFIRM</a><br /><a href="https://open.edx.org/CVE-2015-2186" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">efront -- cms<br /> </td><td style="text-align: left;">Absolute path traversal vulnerability in eFront CMS 3.6.15.4 and earlier allows remote Professor users to obtain sensitive information via a full pathname in the other parameter.</td><td style="text-align: center;">2018-02-05</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4461" target="_blank">CVE-2015-4461</a><br /><a href="http://forum.efrontlearning.net/viewtopic.php?f=15&amp;t=9841" target="_blank">CONFIRM</a><br /><a href="https://mohankallepalli.blogspot.in/2015/05/eFront-cms-multiple-bugs.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">electrum_technologies -- electrum_bitcoin_wallet<br /> </td><td style="text-align: left;">Electrum Technologies GmbH Electrum Bitcoin Wallet version prior to version 3.0.5 contains a Missing Authorization vulnerability in JSONRPC interface that can result in Bitcoin theft, if the user's wallet is not password protected. This attack appear to be exploitable via The victim must visit a web page with specially crafted javascript. This vulnerability appears to have been fixed in 3.0.5.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000022" target="_blank">CVE-2018-1000022</a><br /><a href="https://bitcointalk.org/index.php?topic=2702103.0" target="_blank">MISC</a><br /><a href="https://electrum.org/#home" target="_blank">MISC</a><br /><a href="https://github.com/spesmilo/electrum/issues/3374" target="_blank">CONFIRM</a><br /><a href="https://www.reddit.com/r/Bitcoin/comments/7ooack/critical_electrum_vulnerability/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">emc -- recoverpoint<br /> </td><td style="text-align: left;">An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Boxmgmt CLI may allow a malicious user with boxmgmt privileges to bypass Boxmgmt CLI and run arbitrary commands with root privileges.</td><td style="text-align: center;">2018-02-03</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1184" target="_blank">CVE-2018-1184</a><br /><a href="http://seclists.org/fulldisclosure/2018/Feb/9" target="_blank">CONFIRM</a><br /><a href="http://www.securitytracker.com/id/1040320" target="_blank">SECTRACK</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">emc -- recoverpoint<br /> </td><td style="text-align: left;">An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Command injection vulnerability in Admin CLI may allow a malicious user with admin privileges to escape from the restricted shell to an interactive shell and run arbitrary commands with root privileges.</td><td style="text-align: center;">2018-02-03</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1185" target="_blank">CVE-2018-1185</a><br /><a href="http://seclists.org/fulldisclosure/2018/Feb/9" target="_blank">CONFIRM</a><br /><a href="http://www.securitytracker.com/id/1040320" target="_blank">SECTRACK</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">epson -- airprint<br /> </td><td style="text-align: left;">Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5550" target="_blank">CVE-2018-5550</a><br /><a href="https://blog.rapid7.com/2018/02/08/r7-2017-28-epson-airprint-xss-cve-2018-5550/" target="_blank">MISC</a><br /><a href="https://epson.com/support/wa00860" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ether -- etherpad_lite<br /> </td><td style="text-align: left;">static/js/pad_utils.js in Etherpad Lite before v1.6.3 has XSS via window.location.href.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6834" target="_blank">CVE-2018-6834</a><br /><a href="https://github.com/ether/etherpad-lite/commit/a03422b09468cdd5f192b05643311c705447588b" target="_blank">CONFIRM</a><br /><a href="https://github.com/ether/etherpad-lite/releases/tag/1.6.3" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ether -- etherpad_lite<br /> </td><td style="text-align: left;">node/hooks/express/apicalls.js in Etherpad Lite before v1.6.3 mishandles JSONP, which allows remote attackers to bypass intended access restrictions.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6835" target="_blank">CVE-2018-6835</a><br /><a href="https://github.com/ether/etherpad-lite/commit/626e58cc5af1db3691b41fca7b06c28ea43141b1" target="_blank">CONFIRM</a><br /><a href="https://github.com/ether/etherpad-lite/releases/tag/1.6.3" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">exim -- exim<br /> </td><td style="text-align: left;">An issue was discovered in the SMTP listener in Exim 4.90 and earlier. By sending a handcrafted message, a buffer overflow may happen in a specific function. This can be used to execute code remotely.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6789" target="_blank">CVE-2018-6789</a><br /><a href="http://www.openwall.com/lists/oss-security/2018/02/07/2" target="_blank">MLIST</a><br /><a href="https://exim.org/static/doc/security/CVE-2018-6789.txt" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">extreme_networks -- extremewireless_wing</td><td style="text-align: left;">An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Stack Overflow in the RIM (Radio Interface Module) process running on the WiNG Access Point via crafted packets.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5787" target="_blank">CVE-2018-5787</a><br /><a href="https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">extreme_networks -- extremewireless_wing<br /> </td><td style="text-align: left;">An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5793" target="_blank">CVE-2018-5793</a><br /><a href="https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">extreme_networks -- extremewireless_wing<br /> </td><td style="text-align: left;">An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5791" target="_blank">CVE-2018-5791</a><br /><a href="https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">extreme_networks -- extremewireless_wing<br /> </td><td style="text-align: left;">An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5792" target="_blank">CVE-2018-5792</a><br /><a href="https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">extreme_networks -- extremewireless_wing<br /> </td><td style="text-align: left;">An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is an Smint_encrypt Hardcoded AES Key that can be used for packet decryption (obtaining cleartext credentials) by an attacker who has access to a wired port.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5797" target="_blank">CVE-2018-5797</a><br /><a href="https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">extreme_networks -- extremewireless_wing<br /> </td><td style="text-align: left;">An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is Remote, Unauthenticated "Global" Denial of Service in the RIM (Radio Interface Module) over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5790" target="_blank">CVE-2018-5790</a><br /><a href="https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">extreme_networks -- extremewireless_wing<br /> </td><td style="text-align: left;">An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Denial of Service in the RIM (Radio Interface Module) process running on the WiNG Access Point via crafted packets.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5788" target="_blank">CVE-2018-5788</a><br /><a href="https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">extreme_networks -- extremewireless_wing<br /> </td><td style="text-align: left;">An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is No Authentication for the AeroScout Service via a crafted UDP packet.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5794" target="_blank">CVE-2018-5794</a><br /><a href="https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">extreme_networks -- extremewireless_wing<br /> </td><td style="text-align: left;">An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated XML Entity Expansion Denial of Service on the WiNG Access Point / Controller via crafted XML entities to the Web User Interface.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5789" target="_blank">CVE-2018-5789</a><br /><a href="https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">extreme_networks -- extremewireless_wing<br /> </td><td style="text-align: left;">An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is Arbitrary File Write from the WebGUI on the WiNG Access Point / Controller.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5795" target="_blank">CVE-2018-5795</a><br /><a href="https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">extreme_networks -- extremewireless_wing<br /> </td><td style="text-align: left;">An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Hidden Root Shell by entering the administrator password in conjunction with the 'service start-shell' CLI command.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5796" target="_blank">CVE-2018-5796</a><br /><a href="https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ezcode -- event_manager<br /> </td><td style="text-align: left;">SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6576" target="_blank">CVE-2018-6576</a><br /><a href="https://www.exploit-db.com/exploits/43949" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">f5 -- big-ip<br /> </td><td style="text-align: left;">In versions 13.0.0, 12.0.0-12.1.3, or 11.6.0-11.6.2, an F5 BIG-IP virtual server using the URL categorization feature may cause the Traffic Management Microkernel (TMM) to produce a core file when it receives malformed URLs during categorization.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6169" target="_blank">CVE-2017-6169</a><br /><a href="http://www.securitytracker.com/id/1040332" target="_blank">SECTRACK</a><br /><a href="https://support.f5.com/csp/article/K31404801" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">fasterxml -- jackson-databind<br /> </td><td style="text-align: left;">A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15095" target="_blank">CVE-2017-15095</a><br /><a href="http://www.securitytracker.com/id/1039769" target="_blank">SECTRACK</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:3189" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:3190" target="_blank">REDHAT</a><br /><a href="https://github.com/FasterXML/jackson-databind/issues/1680" target="_blank">CONFIRM</a><br /><a href="https://github.com/FasterXML/jackson-databind/issues/1737" target="_blank">CONFIRM</a><br /><a href="https://security.netapp.com/advisory/ntap-20171214-0003/" target="_blank">CONFIRM</a><br /><a href="https://www.debian.org/security/2017/dsa-4037" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">fasterxml -- jackson-databind<br /> </td><td style="text-align: left;">A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7525" target="_blank">CVE-2017-7525</a><br /><a href="http://www.securityfocus.com/bid/99623" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1039744" target="_blank">SECTRACK</a><br /><a href="http://www.securitytracker.com/id/1039947" target="_blank">SECTRACK</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:1834" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:1835" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:1836" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:1837" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:1839" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:1840" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2477" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2546" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2547" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2633" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2635" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2636" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2637" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2638" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:3141" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:3454" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:3455" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:3456" target="_blank">REDHAT</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:3458" target="_blank">REDHAT</a><br /><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1462702" target="_blank">CONFIRM</a><br /><a href="https://cwiki.apache.org/confluence/display/WW/S2-055" target="_blank">CONFIRM</a><br /><a href="https://github.com/FasterXML/jackson-databind/issues/1599" target="_blank">CONFIRM</a><br /><a href="https://github.com/FasterXML/jackson-databind/issues/1723" target="_blank">CONFIRM</a><br /><a href="https://security.netapp.com/advisory/ntap-20171214-0002/" target="_blank">CONFIRM</a><br /><a href="https://www.debian.org/security/2017/dsa-4004" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ffmpeg -- ffmpeg<br /> </td><td style="text-align: left;">Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted ASF file.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5359" target="_blank">CVE-2012-5359</a><br /><a href="https://docs.microsoft.com/en-us/security-updates/VulnerabilityResearchAdvisories/2012/msvr12-017" target="_blank">MISC</a><br /><a href="https://www.ffmpeg.org/security.html" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ffmpeg -- ffmpeg<br /> </td><td style="text-align: left;">Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted QT file.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5360" target="_blank">CVE-2012-5360</a><br /><a href="https://docs.microsoft.com/en-us/security-updates/VulnerabilityResearchAdvisories/2012/msvr12-017" target="_blank">MISC</a><br /><a href="https://www.ffmpeg.org/security.html" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ffmpeg -- ffmpeg<br /> </td><td style="text-align: left;">The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6621" target="_blank">CVE-2018-6621</a><br /><a href="http://www.securityfocus.com/bid/102950" target="_blank">BID</a><br /><a href="https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/118e1b0b3370dd1c0da442901b486689efd1654b" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">firebase -- firebase<br /> </td><td style="text-align: left;">Jerome Gamez Firebase Admin SDK for PHP version from 3.2.0 to 3.8.0 contains a Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an actual token, or from thin air. This attack appear to be exploitable via Attacker would only need to know email address of the victim on most cases.. This vulnerability appears to have been fixed in 3.8.1.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000025" target="_blank">CVE-2018-1000025</a><br /><a href="https://github.com/kreait/firebase-php/pull/151" target="_blank">CONFIRM</a><br /><a href="https://github.com/kreait/firebase-php/releases/tag/3.8.1" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">fishshell -- fish</td><td style="text-align: left;">fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3219" target="_blank">CVE-2014-3219</a><br /><a href="http://lists.fedoraproject.org/pipermail/package-announce/2014-May/132751.html" target="_blank">FEDORA</a><br /><a href="http://security.gentoo.org/glsa/glsa-201412-49.xml" target="_blank">GENTOO</a><br /><a href="http://www.openwall.com/lists/oss-security/2014/05/06/3" target="_blank">MLIST</a><br /><a href="http://www.openwall.com/lists/oss-security/2014/09/28/8" target="_blank">MLIST</a><br /><a href="http://www.securityfocus.com/bid/67115" target="_blank">BID</a><br /><a href="https://bugzilla.redhat.com/show_bug.cgi?id=1092091" target="_blank">CONFIRM</a><br /><a href="https://github.com/fish-shell/fish-shell/commit/3225d7e169a9edb2f470c26989e7bc8e0d0355ce" target="_blank">CONFIRM</a><br /><a href="https://github.com/fish-shell/fish-shell/issues/1440" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">flatpak -- flatpak<br /> </td><td style="text-align: left;">In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6560" target="_blank">CVE-2018-6560</a><br /><a href="https://github.com/flatpak/flatpak/commit/52346bf187b5a7f1c0fe9075b328b7ad6abe78f6" target="_blank">CONFIRM</a><br /><a href="https://github.com/flatpak/flatpak/releases/tag/0.10.3" target="_blank">CONFIRM</a><br /><a href="https://github.com/flatpak/flatpak/releases/tag/0.8.9" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">flexense -- diskboss<br /> </td><td style="text-align: left;">An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. Due to the usage of plaintext information from the handshake as input for the encryption key used for the encryption of the rest of the session, the server and client disclose sensitive information, such as the authentication credentials, to any man-in-the-middle (MiTM) listener.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5261" target="_blank">CVE-2018-5261</a><br /><a href="https://github.com/bitsadmin/exploits/tree/master/CVE-2018-5261" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">flexense -- syncbreeze_enterprise</td><td style="text-align: left;">A buffer overflow vulnerability in "Add command" functionality exists in Flexense SyncBreeze Enterprise &lt;= 10.3.14. The vulnerability can be triggered by an authenticated attacker who submits more than 5000 characters as the command name. It will cause termination of the SyncBreeze Enterprise server and possibly remote command execution with SYSTEM privilege.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17996" target="_blank">CVE-2017-17996</a><br /><a href="http://seclists.org/fulldisclosure/2018/Feb/10" target="_blank">FULLDISC</a><br /><a href="http://www.ryantzj.com/flexense-syncbreeze-entreprise-10314-buffer-overflow-seh-bypass.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">flexense -- syncbreeze_enterprise<br /> </td><td style="text-align: left;">A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9121.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6537" target="_blank">CVE-2018-6537</a><br /><a href="https://www.exploit-db.com/exploits/43936/" target="_blank">EXPLOIT-DB</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">fmtlib -- fmtlib<br /> </td><td style="text-align: left;">fmtlib version prior to version 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85) contains a Memory corruption (SIGSEGV), CWE-134 vulnerability in fmt::print() library function that can result in Denial of Service. This attack appear to be exploitable via Specifying an invalid format specifier in the fmt::print() function results in a SIGSEGV (memory corruption, invalid write). This vulnerability appears to have been fixed in after commit 8cf30aa2be256eba07bb1cefb998c52326e846e7.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000052" target="_blank">CVE-2018-1000052</a><br /><a href="https://github.com/fmtlib/fmt/commit/8cf30aa2be256eba07bb1cefb998c52326e846e7" target="_blank">CONFIRM</a><br /><a href="https://github.com/fmtlib/fmt/issues/642" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">fortinet -- fortigate_fortidb</td><td style="text-align: left;">Multiple cross-site scripting (XSS) vulnerabilities in Java number format exception handling in FortiGate FortiDB before 4.4.2 allow remote attackers to inject arbitrary web script or HTML via the conversationContext parameter to (1) admin/auditTrail.jsf, (2) mapolicymgmt/targetsMonitorView.jsf, (3) vascan/globalsummary.jsf, (4) vaerrorlog/vaErrorLog.jsf, (5) database/listTargetGroups.jsf, (6) sysconfig/listSystemInfo.jsf, (7) vascan/list.jsf, (8) network/router.jsf, (9) mapolicymgmt/editPolicyProfile.jsf, or (10) mapolicymgmt/maPolicyMasterList.jsf.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6347" target="_blank">CVE-2012-6347</a><br /><a href="https://fortiguard.com/psirt/FG-IR-012-007" target="_blank">CONFIRM</a><br /><a href="https://www.vulnerability-lab.com/get_content.php?id=558" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">fortinet -- fortigate_utm_waf_appliances_with_fortios</td><td style="text-align: left;">Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Endpoint Monitor, (2) Dialup List, or (3) Log&amp;Report Display modules or the fields_sorted_opt parameter to (4) user/auth/list or (5) endpointcompliance/app_detect/predefined_sig_list.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0941" target="_blank">CVE-2012-0941</a><br /><a href="http://packetstormsecurity.org/files/109168/VL-144.txt" target="_blank">MISC</a><br /><a href="http://www.securityfocus.com/bid/51708" target="_blank">BID</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/72761" target="_blank">XF</a><br /><a href="https://fortiguard.com/psirt/FG-IR-012-001" target="_blank">CONFIRM</a><br /><a href="https://securitytracker.com/id/1026594" target="_blank">SECTRACK</a><br /><a href="https://www.vulnerability-lab.com/get_content.php?id=144" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">fortinet -- fortiweb</td><td style="text-align: left;">Multiple cross-site scripting (XSS) vulnerabilities in FortiWeb before 4.4.4 allow remote attackers to inject arbitrary web script or HTML via the (1) redir or (2) mkey parameter to waf/pcre_expression/validate.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6346" target="_blank">CVE-2012-6346</a><br /><a href="https://fortiguard.com/psirt/FG-IR-012-008" target="_blank">CONFIRM</a><br /><a href="https://www.vulnerability-lab.com/get_content.php?id=702" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">foxit -- foxit_reader_and_phantompdf<br /> </td><td style="text-align: left;">Heap-based buffer overflow in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (memory corruption and application crash) or potentially execute arbitrary code via the Bezier data in a crafted PDF file.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6169" target="_blank">CVE-2016-6169</a><br /><a href="https://fortiguard.com/zeroday/FG-VD-16-018" target="_blank">MISC</a><br /><a href="https://www.foxitsoftware.com/support/security-bulletins.php" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">foxit -- foxit_reader_and_phantompdf<br /> </td><td style="text-align: left;">Use-after-free vulnerability in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a crafted PDF file.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6168" target="_blank">CVE-2016-6168</a><br /><a href="https://fortiguard.com/zeroday/FG-VD-16-021" target="_blank">MISC</a><br /><a href="https://www.foxitsoftware.com/support/security-bulletins.php" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">freebsd -- freebsd<br /> </td><td style="text-align: left;">patch in FreeBSD 10.1 before 10.1-RELEASE-p17, 10.2 before 10.2-BETA2-p3, 10.2-RC1 before 10.2-RC1-p2, and 0.2-RC2 before 10.2-RC2-p1 allows remote attackers to execute arbitrary commands via a crafted patch file.</td><td style="text-align: center;">2018-02-05</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1418" target="_blank">CVE-2015-1418</a><br /><a href="http://www.securityfocus.com/bid/76236" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1033188" target="_blank">SECTRACK</a><br /><a href="https://www.freebsd.org/security/advisories/FreeBSD-SA-15:18.bsdpatch.asc" target="_blank">FREEBSD</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">freebsd -- freebsd<br /> </td><td style="text-align: left;">The routed daemon in FreeBSD 9.3 before 9.3-RELEASE-p22, 10.2-RC2 before 10.2-RC2-p1, 10.2-RC1 before 10.2-RC1-p2, 10.2 before 10.2-BETA2-p3, and 10.1 before 10.1-RELEASE-p17 allows remote authenticated users to cause a denial of service (assertion failure and daemon exit) via a query from a network that is not directly connected.</td><td style="text-align: center;">2018-02-05</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5674" target="_blank">CVE-2015-5674</a><br /><a href="http://www.securityfocus.com/bid/76244" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1033185" target="_blank">SECTRACK</a><br /><a href="https://www.freebsd.org/security/advisories/FreeBSD-SA-15:19.routed.asc" target="_blank">FREEBSD</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">freebsd -- freebsd<br /> </td><td style="text-align: left;">Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file.</td><td style="text-align: center;">2018-02-05</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1416" target="_blank">CVE-2015-1416</a><br /><a href="http://www.openwall.com/lists/oss-security/2015/07/30/9" target="_blank">MLIST</a><br /><a href="http://www.openwall.com/lists/oss-security/2015/08/01/4" target="_blank">MLIST</a><br /><a href="http://www.openwall.com/lists/oss-security/2015/08/02/1" target="_blank">MLIST</a><br /><a href="http://www.openwall.com/lists/oss-security/2015/08/02/6" target="_blank">MLIST</a><br /><a href="http://www.securityfocus.com/bid/76116" target="_blank">BID</a><br /><a href="http://www.securitytracker.com/id/1033110" target="_blank">SECTRACK</a><br /><a href="https://www.freebsd.org/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc" target="_blank">FREEBSD</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">fuji_electric -- v-server_vpr<br /> </td><td style="text-align: left;">A Stack-based Buffer Overflow issue was discovered in Fuji Electric V-Server VPR 4.0.1.0 and prior. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.</td><td style="text-align: center;">2018-02-05</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-5442" target="_blank">CVE-2018-5442</a><br /><a href="http://www.securityfocus.com/bid/102903" target="_blank">BID</a><br /><a href="https://ics-cert.us-cert.gov/advisories/ICSA-18-032-01" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">futomi -- mp_form_mail_cgi_ecommerce_edition<br /> </td><td style="text-align: left;">MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0514" target="_blank">CVE-2018-0514</a><br /><a href="http://www.futomi.com/library/mpmailec.html#history" target="_blank">CONFIRM</a><br /><a href="https://jvn.jp/en/jp/JVN15462187/index.html" target="_blank">JVN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">gifsicle -- gifsicle<br /> </td><td style="text-align: left;">A double-free bug in the read_gif function in gifread.c in gifsicle 1.90 allows a remote attacker to cause a denial-of-service attack or unspecified other impact via a maliciously crafted file, because last_name is mishandled, a different vulnerability than CVE-2017-1000421.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-18120" target="_blank">CVE-2017-18120</a><br /><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878739" target="_blank">MISC</a><br /><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881120" target="_blank">MISC</a><br /><a href="https://github.com/kohler/gifsicle/commit/118a46090c50829dc543179019e6140e1235f909" target="_blank">MISC</a><br /><a href="https://github.com/kohler/gifsicle/issues/117" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">git -- git<br /> </td><td style="text-align: left;">GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000021" target="_blank">CVE-2018-1000021</a><br /><a href="http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">gnome -- librsvg<br /> </td><td style="text-align: left;">GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000041" target="_blank">CVE-2018-1000041</a><br /><a href="https://github.com/GNOME/librsvg/commit/c6ddf2ed4d768fd88adbea2b63f575cd523022ea" target="_blank">CONFIRM</a><br /><a href="https://github.com/ImageMagick/librsvg/commit/f9d69eadd2b16b00d1a1f9f286122123f8e547dd" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">gnu -- binutils<br /> </td><td style="text-align: left;">The elf_parse_notes function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (out-of-bounds read and segmentation violation) via a note with a large alignment.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6872" target="_blank">CVE-2018-6872</a><br /><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22788" target="_blank">CONFIRM</a><br /><a href="https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=ef135d4314fd4c2d7da66b9d7b59af4a85b0f7e6" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">gnu -- binutils<br /> </td><td style="text-align: left;">The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted ELF file.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6759" target="_blank">CVE-2018-6759</a><br /><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22794" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">gnu -- binutils<br /> </td><td style="text-align: left;">In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6543" target="_blank">CVE-2018-6543</a><br /><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22769" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">gnu -- c_library<br /> </td><td style="text-align: left;">The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6551" target="_blank">CVE-2018-6551</a><br /><a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22774" target="_blank">CONFIRM</a><br /><a href="https://sourceware.org/git/?p=glibc.git;a=commit;h=8e448310d74b283c5cd02b9ed7fb997b47bf9b22" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">go -- go<br /> </td><td style="text-align: left;">Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6574" target="_blank">CVE-2018-6574</a><br /><a href="https://github.com/golang/go/issues/23672" target="_blank">CONFIRM</a><br /><a href="https://groups.google.com/forum/#%21topic/golang-nuts/Gbhh1NxAjMU" target="_blank">CONFIRM</a><br /><a href="https://groups.google.com/forum/#%21topic/golang-nuts/sprOaQ5m3Dk" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android<br /> </td><td style="text-align: left;">NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. This issue is rated as high. Product: Android. Version: N/A. Android: A-38027496. Reference: N-CVE-2017-6258.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6258" target="_blank">CVE-2017-6258</a><br /><a href="https://source.android.com/security/bulletin/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- android<br /> </td><td style="text-align: left;">NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. This issue is rated as high. Product: Android. Version: N/A. Android: A-65023166. Reference: N-CVE-2017-6279.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6279" target="_blank">CVE-2017-6279</a><br /><a href="https://source.android.com/security/bulletin/2018-02-01" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5126" target="_blank">CVE-2017-5126</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/760455" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5128" target="_blank">CVE-2017-5128</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/765469" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15390" target="_blank">CVE-2017-15390</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/750239" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5129" target="_blank">CVE-2017-5129</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/765495" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker in a privileged network position to observe or tamper with certain cleartext HTTP requests by leveraging that position.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15397" target="_blank">CVE-2017-15397</a><br /><a href="http://www.securityfocus.com/bid/102435" target="_blank">BID</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-chrome-os_27.html" target="_blank">MISC</a><br /><a href="https://crbug.com/627300" target="_blank">MISC</a><br /><a href="https://wwws.nightwatchcybersecurity.com/2018/01/01/chromeos-doesnt-always-use-ssl-during-startup-cve-2017-15397/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to access Extension pages without authorisation via a crafted HTML page.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15391" target="_blank">CVE-2017-15391</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/598265" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5124" target="_blank">CVE-2017-5124</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://chromium.googlesource.com/chromium/src/+/4558c2885e618557a674660aff57404d25537070" target="_blank">MISC</a><br /><a href="https://crbug.com/762930" target="_blank">MISC</a><br /><a href="https://github.com/Bo0oM/CVE-2017-5124" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a><br /><a href="https://www.reddit.com/r/netsec/comments/7cus2h/chrome_61_uxss_exploit_cve20175124/" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">A use after free in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an ImageCapture NULL pointer dereference.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15395" target="_blank">CVE-2017-15395</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/759457" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Incorrect implementation in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15386" target="_blank">CVE-2017-15386</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/752003" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">An insufficient watchdog timer in navigation in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15389" target="_blank">CVE-2017-15389</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/739621" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5130" target="_blank">CVE-2017-5130</a><br /><a href="http://bugzilla.gnome.org/show_bug.cgi?id=783026" target="_blank">MISC</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/722079" target="_blank">MISC</a><br /><a href="https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed" target="_blank">MISC</a><br /><a href="https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html" target="_blank">MLIST</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5131" target="_blank">CVE-2017-5131</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/744109" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5127" target="_blank">CVE-2017-5127</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/765384" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform domain spoofing in permission dialogs via IDN homographs in a crafted Chrome Extension.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15394" target="_blank">CVE-2017-15394</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/745580" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5125" target="_blank">CVE-2017-5125</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/749147" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page, aka a Referer leak.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15393" target="_blank">CVE-2017-15393</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/732751" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5132" target="_blank">CVE-2017-5132</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/718858" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Iteration through non-finite points in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15388" target="_blank">CVE-2017-15388</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/756563" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">The Grammarly extension before 2018-02-02 for Chrome allows remote attackers to discover authentication tokens via an 'action: "user"' request to iframe.gr_-ifr, because the exposure of these tokens is not restricted to any specific web site.</td><td style="text-align: center;">2018-02-05</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6654" target="_blank">CVE-2018-6654</a><br /><a href="https://bugs.chromium.org/p/project-zero/issues/detail?id=1527" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who can write to the Windows Registry to potentially exploit heap corruption via a crafted Windows Registry entry, related to PlatformIntegration.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15392" target="_blank">CVE-2017-15392</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/714401" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15400" target="_blank">CVE-2017-15400</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-chrome-os_27.html" target="_blank">MISC</a><br /><a href="https://crbug.com/777215" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentiality execute code via a crafted PDF file.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5133" target="_blank">CVE-2017-5133</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/762106" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">google -- chrome<br /> </td><td style="text-align: left;">Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-15387" target="_blank">CVE-2017-15387</a><br /><a href="http://www.securityfocus.com/bid/101482" target="_blank">BID</a><br /><a href="https://access.redhat.com/errata/RHSA-2017:2997" target="_blank">REDHAT</a><br /><a href="https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" target="_blank">MISC</a><br /><a href="https://crbug.com/756040" target="_blank">MISC</a><br /><a href="https://security.gentoo.org/glsa/201710-24" target="_blank">GENTOO</a><br /><a href="https://www.debian.org/security/2017/dsa-4020" target="_blank">DEBIAN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">graphicsmagick -- graphicsmagick<br /> </td><td style="text-align: left;">The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging area is not used.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6799" target="_blank">CVE-2018-6799</a><br /><a href="http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b41e2efce6d3" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">gskit -- gskit<br /> </td><td style="text-align: left;">GSKit V7 may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding. IBM X-Force ID: 138212.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1388" target="_blank">CVE-2018-1388</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22013022" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/138212" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">i-o_data_device -- multiple_products<br /> </td><td style="text-align: left;">Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-0512" target="_blank">CVE-2018-0512</a><br /><a href="http://www.iodata.jp/support/information/2018/magicalfinder/" target="_blank">CONFIRM</a><br /><a href="https://jvn.jp/en/jp/JVN36048131/index.html" target="_blank">JVN</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- aix<br /> </td><td style="text-align: left;">IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. IBM X-Force ID: 134067.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1692" target="_blank">CVE-2017-1692</a><br /><a href="http://aix.software.ibm.com/aix/efixes/security/suid_advisory.asc" target="_blank">CONFIRM</a><br /><a href="http://www.securitytracker.com/id/1040330" target="_blank">SECTRACK</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/134067" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- api_connect<br /> </td><td style="text-align: left;">IBM API Connect 5.0.7 and 5.0.8 could allow an authenticated remote user to modify query parameters to obtain sensitive information. IBM X-Force ID: 136859.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1785" target="_blank">CVE-2017-1785</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22013061" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/136859" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- api_connect<br /> </td><td style="text-align: left;">IBM API Connect 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138079.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1382" target="_blank">CVE-2018-1382</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22013054" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/138079" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- content_navigator<br /> </td><td style="text-align: left;">IBM Content Navigator 2.0 and 3.0 is vulnerable to Comma Separated Value (CSV) Injection. An attacker could exploit this vulnerability to exploit other vulnerabilities in spreadsheet software. IBM X-Force ID: 137452.</td><td style="text-align: center;">2018-02-07</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1366" target="_blank">CVE-2018-1366</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22012674" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/137452" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- emptoris_sourcing<br /> </td><td style="text-align: left;">Open redirect vulnerability in IBM Emptoris Sourcing 10.0.0.x before 10.0.0.1_iFix3, 10.0.1.x before 10.0.1.3_iFix3, 10.0.2.x before 10.0.2.8_iFix1, 10.0.4.0 before 10.0.4.0_iFix8, and 10.1.0.0 before 10.1.0.0_iFix3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 111692.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0329" target="_blank">CVE-2016-0329</a><br /><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21982629" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/111692" target="_blank">XF</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- sametime</td><td style="text-align: left;">IBM Sametime allows remote attackers to obtain sensitive information from the Sametime Log database via a direct request to STLOG.NSF. IBM X-Force ID: 78048.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3331" target="_blank">CVE-2012-3331</a><br /><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21613895" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/78048" target="_blank">XF</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- security_guardium_database_activity_monitor<br /> </td><td style="text-align: left;">IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with low privileges to view report pages and perform some actions that only an admin should be performing, so there is risk that someone not authorized can change things that they are not suppose to. IBM X-Force ID: 137765.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1368" target="_blank">CVE-2018-1368</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22013302" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/137765" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- tivoli_business_service_manager<br /> </td><td style="text-align: left;">Cross-site scripting (XSS) vulnerability in IBM Tivoli Business Service Manager 6.1.0 before 6.1.0-TIV-BSM-FP0004 and 6.1.1 before 6.1.1-TIV-BSM-FP0004 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 111480.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0311" target="_blank">CVE-2016-0311</a><br /><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21986853" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/111480" target="_blank">XF</a><br /><a href="https://www.ibm.com/blogs/psirt/ibm-security-bulletin-cross-site-scripting-vulnerability-in-tivoli-business-service-manager-cve-2016-0311/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- tivoli_integrated_portal<br /> </td><td style="text-align: left;">Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0303" target="_blank">CVE-2016-0303</a><br /><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21981591" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- tririga_application_platform<br /> </td><td style="text-align: left;">IBM TRIRIGA Application Platform before 3.3.2 allows remote attackers to obtain sensitive information via vectors related to granting unauthenticated access to Document Manager. IBM X-Force ID: 111486.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0312" target="_blank">CVE-2016-0312</a><br /><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21979762" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/111486" target="_blank">XF</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- tririga_application_platform<br /> </td><td style="text-align: left;">IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 might allow remote attackers to access arbitrary JSP pages via vectors related to improper input validation. IBM X-Force ID: 111412.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0300" target="_blank">CVE-2016-0300</a><br /><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21979760" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/111412" target="_blank">XF</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- tririga_application_platform<br /> </td><td style="text-align: left;">IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to read or modify arbitrary reports by leveraging an incorrect grant of access. IBM X-Force ID: 111783.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-0342" target="_blank">CVE-2016-0342</a><br /><a href="http://www-01.ibm.com/support/docview.wss?uid=swg21980252" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/111783" target="_blank">XF</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- websphere_application_server</td><td style="text-align: left;">The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.43, 7.0 before 7.0.0.21, and 8.0 before 8.0.0.2 does not properly update passwords on a configuration using Tivoli Directory Server, which might allow remote attackers to gain access to an application by leveraging knowledge of an old password. IBM X-Force ID: 72581.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4889" target="_blank">CVE-2011-4889</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/72581" target="_blank">XF</a><br /><a href="https://www-304.ibm.com/support/docview.wss?uid=swg21587015" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- websphere_portal</td><td style="text-align: left;">IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 136005.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1761" target="_blank">CVE-2017-1761</a><br /><a href="http://www.ibm.com/support/docview.wss?uid=swg22012416" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/136005" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- websphere_portal</td><td style="text-align: left;">IBM WebSphere Portal 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138437.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1401" target="_blank">CVE-2018-1401</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/138437" target="_blank">MISC</a><br /><a href="https://www.ibm.com/support/docview.wss?uid=swg22013097" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ibm -- xiv_storage_system_devices<br /> </td><td style="text-align: left;">IBM XIV Storage System 2810-A14 and 2812-A14 devices before level 10.2.4.e-2 and 2810-114 and 2812-114 devices before level 11.1.1 have hardcoded passwords for unspecified accounts, which allows remote attackers to gain user access via unspecified vectors. IBM X-Force ID: 75041.</td><td style="text-align: center;">2018-02-08</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2166" target="_blank">CVE-2012-2166</a><br /><a href="http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004256" target="_blank">CONFIRM</a><br /><a href="https://exchange.xforce.ibmcloud.com/vulnerabilities/75041" target="_blank">XF</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">icinga -- icinga<br /> </td><td style="text-align: left;">An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates an icinga2.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for icinga2.pid modification before a root script executes a "kill `cat /pathname/icinga2.pid`" command, as demonstrated by icinga2.init.d.cmake.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6536" target="_blank">CVE-2018-6536</a><br /><a href="https://github.com/Icinga/icinga2/issues/5991" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">imagemagick -- imagemagick<br /> </td><td style="text-align: left;">THe OLEProperty class in ole/oleprop.cpp in libfpx 1.3.1-10, as used in ImageMagick 7.0.7-22 Q16 and other products, allows remote attackers to cause a denial of service (stack-based buffer under-read) via a crafted bmp image.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6876" target="_blank">CVE-2018-6876</a><br /><a href="https://github.com/ImageMagick/ImageMagick/issues/973" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">infozip -- unzip<br /> </td><td style="text-align: left;">A heap-based buffer overflow exists in InfoZip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000031" target="_blank">CVE-2018-1000031</a><br /><a href="https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">infozip -- unzip<br /> </td><td style="text-align: left;">An out-of-bounds read exists in InfoZip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000033" target="_blank">CVE-2018-1000033</a><br /><a href="https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">infozip -- unzip<br /> </td><td style="text-align: left;">A heap-based buffer overflow exists in InfoZip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000032" target="_blank">CVE-2018-1000032</a><br /><a href="https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">infozip -- unzip<br /> </td><td style="text-align: left;">An out-of-bounds read exists in InfoZip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000034" target="_blank">CVE-2018-1000034</a><br /><a href="https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">infozip -- unzip<br /> </td><td style="text-align: left;">A heap-based buffer overflow exists in InfoZip UnZip version &lt;= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000035" target="_blank">CVE-2018-1000035</a><br /><a href="https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">intel -- graphics_driver<br /> </td><td style="text-align: left;">Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 15.45.x.x, 15.46.x.x allows unprivileged user to elevate privileges via local access.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5727" target="_blank">CVE-2017-5727</a><br /><a href="https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00089&amp;languageid=en-fr" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">invoiceplane -- invoiceplane<br /> </td><td style="text-align: left;">Invoice Plane version 1.5.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Client's details that can result in execution of javascript code . This vulnerability appears to have been fixed in 1.5.5 and later.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-1000508" target="_blank">CVE-2017-1000508</a><br /><a href="https://github.com/InvoicePlane/InvoicePlane/pull/557" target="_blank">CONFIRM</a><br /><a href="https://github.com/InvoicePlane/InvoicePlane/pull/557/commits/3fc256ccef403f5be9982f02ef340d9e01daabb2" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">ipswitch -- moveit<br /> </td><td style="text-align: left;">Ipswitch MoveIt v8.1 is vulnerable to a Stored Cross-Site Scripting (XSS) vulnerability, as demonstrated by human.aspx. Attackers can leverage this vulnerability to send malicious messages to other users in order to steal session cookies and launch client-side attacks.</td><td style="text-align: center;">2018-02-02</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6545" target="_blank">CVE-2018-6545</a><br /><a href="https://crowdshield.com/blog.php?name=ipswitch-moveit-stored-xss" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jenkins -- jenkins<br /> </td><td style="text-align: left;">Jenkins CCM Plugin 3.1 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000054" target="_blank">CVE-2018-1000054</a><br /><a href="https://jenkins.io/security/advisory/2018-02-05/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jenkins -- jenkins<br /> </td><td style="text-align: left;">Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000056" target="_blank">CVE-2018-1000056</a><br /><a href="https://jenkins.io/security/advisory/2018-02-05/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jenkins -- jenkins<br /> </td><td style="text-align: left;">Jenkins Android Lint Plugin 2.5 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000055" target="_blank">CVE-2018-1000055</a><br /><a href="https://jenkins.io/security/advisory/2018-02-05/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jenkins -- jenkins<br /> </td><td style="text-align: left;">Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. Jenkins however transforms provided password values, e.g. replacing environment variable references, which could result in values different from but similar to configured passwords being provided to the build. Those values are not subject to masking, and could allow unauthorized users to recover the original password.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000057" target="_blank">CVE-2018-1000057</a><br /><a href="https://jenkins.io/security/advisory/2018-02-05/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jenkins -- jenkins<br /> </td><td style="text-align: left;">Jenkins Pipeline: Supporting APIs Plugin 2.17 and earlier have an arbitrary code execution due to incomplete sandbox protection: Methods related to Java deserialization like readResolve implemented in Pipeline scripts were not subject to sandbox protection, and could therefore execute arbitrary code. This could be exploited e.g. by regular Jenkins users with the permission to configure Pipelines in Jenkins, or by trusted committers to repositories containing Jenkinsfiles.</td><td style="text-align: center;">2018-02-09</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-1000058" target="_blank">CVE-2018-1000058</a><br /><a href="https://jenkins.io/security/advisory/2018-02-05/" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jhead -- jhead<br /> </td><td style="text-align: left;">An integer underflow bug in the process_EXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-read when processing a malicious JPEG file, which may allow a remote attacker to cause a denial-of-service attack or unspecified other impact.</td><td style="text-align: center;">2018-02-04</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6612" target="_blank">CVE-2018-6612</a><br /><a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889272" target="_blank">CONFIRM</a><br /><a href="https://launchpad.net/ubuntu/+source/jhead/1:3.00-6" target="_blank">CONFIRM</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jiangmin -- antivirus<br /> </td><td style="text-align: left;">In Jiangmin Antivirus 16.0.0.100, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x221808.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6787" target="_blank">CVE-2018-6787</a><br /><a href="https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KVFG_221808" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jiangmin -- antivirus<br /> </td><td style="text-align: left;">In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A0081E4.</td><td style="text-align: center;">2018-02-06</td><td style="width: 5%; text-align: center;">not yet calculated</td><td><a href="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2018-6780" target="_blank">CVE-2018-6780</a><br /><a href="https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A0081E4" target="_blank">MISC</a></td></tr><tr><td class="vendor-product" scope="row" style="text-align: left;">jiangmin -- antivirus<br /> </td><td style="text-align: left;">In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A008088.</td><td style="text-align: center;">2018-02-06</td><td style="width: