CVSS: 5.6EPSS: 97%CPEs: 1467EXPL: 3CVE-2017-5753 – Multiple CPUs - 'Spectre' Information Disclosure
https://notcve.org/view.php?id=CVE-2017-5753
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Los sistemas con microprocesadores con ejecución especulativa y predicción de ramas podrían permitir la revelación no autorizada de información al atacante con acceso de usuario local mediante un análisis de un canal lateral. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. • https://www.exploit-db.com/exploits/43427 https://github.com/sachinthaBS/Spectre-Vulnerability-CVE-2017-5753- http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html http://nvidia.custhe • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-16766
https://notcve.org/view.php?id=CVE-2017-16766
An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM) before 6.1.4-15217 and before 6.0.3-8754-6 allows local users to inject arbitrary web script or HTML via the -fn option. Una vulnerabilidad de control de acceso incorrecto en synodsmnotify en Synology DiskStation Manager (DSM), en versiones anteriores a la 6.1.4-15217 y anteriores a la 6.0.3-8754-6, permite que usuarios locales inyecten scripts web o HTML arbitrarios mediante la opción -fn. • https://www.synology.com/en-global/support/security/Synology_SA_17_74 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-15894
https://notcve.org/view.php?id=CVE-2017-15894
Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology DiskStation Manager (DSM) 6.0.x before 6.0.3-8754-3 and before 5.2-5967-6 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter. Una vulnerabilidad de salto de directorio en SYNO.FileStation.Extract en Synology DiskStation Manager (DSM) en versiones 6.0.x anteriores a la 6.0.3-8754-3 y anteriores a la 5.2-5967-6 permite que usuarios remotos autenticados escriban archivos arbitrarios mediante el parámetro dest_folder_path. • https://www.synology.com/en-global/support/security/Synology_SA_17_70_DSM • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.8EPSS: 15%CPEs: 1EXPL: 1CVE-2017-15889 – Synology DiskStation Manager - smart.cgi Remote Command Execution
https://notcve.org/view.php?id=CVE-2017-15889
Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field. Vulnerabilidad de inyección de comandos en smart.cgi en Synology DiskStation Manager (DSM) en versiones anteriores a la 5.2-5967-5 permite que usuarios autenticados remotos ejecuten comandos arbitrarios mediante el campo disk. • https://www.exploit-db.com/exploits/48514 http://packetstormsecurity.com/files/157807/Synology-DiskStation-Manager-smart.cgi-Remote-Command-Execution.html https://www.synology.com/en-global/support/security/Synology_SA_17_65_DSM • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 30%CPEs: 54EXPL: 3CVE-2017-14491 – Dnsmasq < 2.78 - 2-byte Heap Overflow
https://notcve.org/view.php?id=CVE-2017-14491
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. Un desbordamiento de búfer basado en memoria dinámica (heap) en dnsmasq en versiones anteriores a la 2.78 permite a los atacantes provocar una denegación de servicio (cierre inesperado) o ejecutar código arbitrario utilizando una respuesta DNS manipulada. A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. Dnsmasq versions prior to 2.78 suffer from a 2-byte heap-based overflow vulnerability. • https://www.exploit-db.com/exploits/42941 https://github.com/skyformat99/dnsmasq-2.4.1-fix-CVE-2017-14491 http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00006.html http://nvidia.custhelp.com/app/answers/detail/a_id/4560 http://nvidia.custhelp.com/a • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •