Security Vulnerabilities - CVEs Published In March 2018
Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could escalate privileges to admin (root) access in the system.
CVSS Score: 8.8 | EPSS Score: 0.004 | Published: 2018-03-22
Cross-site scripting (XSS) vulnerability in Log Viewer in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2018-03-22
Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary code via the prog_id parameter.
CVSS Score: 8.8 | EPSS Score: 0.014 | Published: 2018-03-22
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3.
CVSS Score: 9.0 | EPSS Score: 0.006 | Published: 2018-03-22
The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1.
CVSS Score: 9.0 | EPSS Score: 0.005 | Published: 2018-03-22
The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4.
CVSS Score: 9.0 | EPSS Score: 0.005 | Published: 2018-03-22
The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3.
CVSS Score: 9.0 | EPSS Score: 0.005 | Published: 2018-03-22
The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW.
CVSS Score: 9.0 | EPSS Score: 0.006 | Published: 2018-03-22
The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW.
CVSS Score: 9.0 | EPSS Score: 0.006 | Published: 2018-03-22
Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allow remote attackers with administrative privileges to inject arbitrary HTML or JavaScript via a cross-site scripting (XSS) vulnerability through the base path setting of a configured file system repository.
CVSS Score: 4.8 | EPSS Score: 0.001 | Published: 2018-03-22

